Incident Of The Week: Top Crypto Exchange Hit With DDoS Attack

Bitfinex Temporarily Halts Trading Amid Disruption



Dan Gunderman
06/08/2018

In the dynamic world of cyber security, breaches are both tightly guarded and, sadly, imminent.

Combing through data, market research and threat-defense efforts taken by enterprises can be a daunting task. Here at Cyber Security Hub, we both track the latest industry news and make it more navigable for the IT professional. CSHub coverage extends outwards – as it helps enterprises batten down their proverbial hatches.

In this edition of “Incident of the Week,” we examine a distributed denial-of-service (DDoS) attack which laid into a peer-to-peer cryptocurrency exchange and forced the platform to temporarily halt trading.

Bitfinex, one of the world’s largest digital currency exchanges, experienced this cyber-assault Tuesday morning. In a DDoS offensive, infected servers, which are part of the black-hat “zombie” device horde, overwhelm a system by volume (they can disrupt service or potentially knock sites offline).

P2P Exchange Under Siege

On its website, Bitfinex said, “The previous outage was caused by issues with one of our infrastructure providers. While the platform was recovering, the attack caused extreme load on the servers.”

In a June 5 tweet, the company stated: “Bitfinex is currently under extreme load. We are investigating the issue and will keep you all up to date as we learn more.”

Trading picked up again at around 11 a.m. ET, although the company said it was monitoring the situation.

According to CNBC, before announcing the attack, the company said it underwent “unplanned maintenance.”

See Related: Incident Of The Week: Ticketfly Hacked, Engineers Pull Site Offline

A spokesperson later stressed that the DDoS maneuver did not tamper with the core business assets/functions. They said: “The attack only impacted trading operations, and user accounts and their associated funds/account balances were not at risk at any point during the attack.”

Following this cyber-attack, Bitcoin’s prices fell 2%, reaching a low of $7,373.47.

The affected company was founded in Hong Kong in 2012 and fell under hacker cross-hairs in 2017, too, amid a market boom for the currency. The same report notes that in 2016, trading was suspended at Bifinex after a hack led to a leak of 120,000 bitcoins.


What’s Next?

The emergence of cryptocurrency has gradually rattled the security landscape. Disruptive technologies such as the secure ledger, blockchain, have been built around this virtual payment structure.

Furthermore, there has also been an uptick in ransomware attacks in the past one to two years, with hackers demanding bitcoins to decrypt sensitive data lifted from organizations. This has given Bitcoin a new functionality in the incident response cycle – as there are those who opt to pay the hacker(s).

There are also those who harness compute power in coin-mining attacks to build up a crypto-purse.

See Related: Incident Of The Week: FBI Attempts To Dissolve Botnet Wielding 500K Routers

This means that for now, cryptocurrency is not going anywhere, as it courses through both legal and black markets. Because it can function without the oversight of a central bank, it draws appeal. Yet, it has become a frequent cyber target, meaning that security around it may have to respond.

Because crypto-exchanges are now entryways to (illicit) financial gain (essentially a virtual vault), it begs the question of: What’s next for the digital currency? Does its encryption have a true security benefit? Or will it phase out with the emergence of another disruptive, more easily attainable technology?

The market is typically a good indicator of where technologies are moving. According to Market Watch, the Bitcoin market lull could continue.

Jani Ziedins said in a blog post that “Cryptocurrency had a very ugly May and it looks like things will only get worse. This is a long-term downtrend and lower lows are still ahead of us.”

Could cryptocurrency’s roller-coaster trajectory lessen its overall usage (and thus security value)?

The same piece notes that Tom Lee, Managing Partner at Fundstrat Global Advisors, said regulatory outlook could be the impetus the currencies need to progress.

He cited two crypto platforms that are moving toward the Securities and Exchange Commission’s (SEC) reach; meaning more regulation could be in store, and help keep the currencies afloat.

Be Sure To Check Out: Incident Of The Week: Hackers Tap Into Mexican Banks, Lift $15M