Security Experts:

Mt.Gox Bitcoin Exchange Hit With DDoS Attack

Bitcoin exchange Mt.Gox added its name to the list of organizations stung by distributed denial-of-service attacks in recent weeks.

Mt.Gox, which is based in Tokyo, did not respond to a SecurityWeek request for comment before publication, but noted in a statement on its site that it was hit with a DDoS attack April 3 that continued on to April 4.

"While we are being protected by companies like Prolexic, the sheer volume of this DDoS left us scrambling to fine-tune the system every few hours to make sure that things don’t go beyond a few 502 error pages and trading lag," the company said in a statement April 4.

The company said it is not clear who is behind the attack, but that it may have been aimed at abusing the system for profit.

"Attackers wait until the price of bitcoins reaches a certain value, sell, destabilize the exchange, wait for everybody to panic-sell their bitcoins, wait for the price to drop to a certain amount, then stop the attack and start buying as much as they can," according to the company. "Repeat this two or three times like we saw over the past few days and they profit."

DDoS is a perfect weapon for creating issues in the bitcoin market that can be taken advantage of, said Corero Network Security President Marty Meyer told SecurityWeek.

"The attackers understand that bitcoin exchanges have not taken steps to detach the front-end trade entry (which must be internet facing by definition) and the back-end trade execution and calculation platforms," he said. "This is much like how banks have web facing on-line banking applications but their back-end applications which perform the actual money transactions are not web-facing."

In the past few weeks, American Express and the Spamhaus Project were also hit with DDoS attacks. The Spamhaus attack was referred to by some as perhaps the largest DDoS attack to date.

"The global internet growth and use of web applications has simply outpaced organizations who do not have infinite budgets for IT security," Meyer said. "They attempt to rely on traditional technologies such as firewalls but those are vulnerable to attacks, such as DDoS, which have themselves become more sophisticated and are attacking at the application level. This is a global issue that has been exposed and organizations must take the first step in their security 12 step program and admit they have vulnerabilities. They must also invest in the technology required to prevent the effects of these attacks and work together to share attack data in an open and transparent way with both consumers and with other organizations."

view counter