Crypto Exchanges OKEx and Bitfinex Suffer Simultaneous DDoS Attacks

Denial of service attacks are hitting both Bitfinex and OKEx, crippling the exchanges for short periods of time as Bitfinex CTO calls the attacks highly sophisticated.

Cryptocurrency exchanges OKEx and Bitfinex are suffering multiple denial of service attacks. It is unclear as of now if the attacks are connected, though OKEx CEO blamed competitors on his personal Weibo page.

OKEx first suffered a distributed denial of service (DDoS) attack on Feb. 27 at approximately 11:30 AM EST. CEO Jay Hao posted on his personal Weibo page as the attack was unfolding, blaming unnamed competitors in the attack. The attack routed as much as 200 gigabytes per second of traffic, which put strain on OKEx systems.

At approximately 4:30 AM EST on Feb. 28, the denial of service attacks resumed. This time Bitfinex was hit as well, as announced by the exchange’s Twitter account.

The Bitfinex status page shows that the attack lasted for an hour until 5:30 AM, severely crippling the exchange’s activity during that period as throughput fell close to zero.

In the same timeframe, OKEx was attacked again with another DDoS attack, as tweeted by Hao. The new denial attack reportedly routed 400 gigabytes per second of traffic, twice as much as the previous one.

An OKEx representative told Cointelegraph that the denials of service were “properly handled within a short period of time and no overseas client is impacted.”

The attack was conducted shortly after “temporary system maintenance” was completed, which had options and futures trading disabled during the maintenance period. The representative stated that the two events are completely unrelated.

Bitfinex representatives stated that the team implemented a “stricter protection level” as normal activity was resumed.

Bitfinex CTO Paolo Ardoino shared more information about the attack with Cointelegraph. He explained:

“The attacker tried to exploit concurrently several platform features to increase load in the infrastructure. While we use many different DDoS prevention mechanisms, the huge number of different IP addresses used and the sophisticated crafting of the requests towards our API v1 exploited an internal inefficiency in one of our non-core process queues.”

While he says that the platform was not affected in its core services and could resist the attack, he decided to enter maintenance to “quickly bring in the countermeasures and patch for all similar attacks.”

What could be the culprit?

Bitfinex CTO, Paolo Ardoino, revealed in a tweet that the attack was “very sophisticated,” with the team having “worked hard to completely annihilate it in a short period of time.”

In a follow-up tweet, he revealed that he was not aware of the OKEx attacks, but was “interested to understand similarities.” He added:

“We've seen a level of sophistication that means a deep preparation from the attacker. Good news: this family of attacks won't work again against Bitfinex.”

While Hao had initially blamed competitors, this was before the next attacks. It is unclear if they are connected with each other. While DDoS attacks are highly disruptive, their short duration is unlikely to alter the competitive landscape between exchanges.