Last week, on the 13th of march, the major crypto exchange BitMex was the object of two DDoS attacks in a row. What has happened since then? The same crypto exchange tells us this. The Denial-of-service attack (DDoS) have delayed or prevented the buy and sell orders are delayed. Which resulted in interruption of direct users of the crypto company.
“After these two incidents we have been working 24 hours a day to gather the facts post-mortem of the incident”.He expressed the team of BitMex in a press release.
The intent of this communication is to share some additional details and answer the doubts of their customers. What happened since the service stopped working? And, what improvements are taking the exchange?
What happened in BitMex?
In the early morning of march 13 began the first DDos attack against Bitmex. During a peak moment of market volatility, the botnet overwhelmed the platform through a Trollbox. What caused the optimizer deals to run in a way incredibly unhelpful. The platform has announced that a month ago, on the 15th of February, these same attackers had attempted a similar attack, but without success.
“At that time, we diagnose wrongly this as a disk failed, believing that it was a hardware failure with our cloud provider”.
The DDoS made that the processing of the messages in our layer API will slow down. The worst-affected were traders who were trying to make transactions at that time.
The second attack
Ten hours after the first attack, BitMex was the victim of another similar attack.
“In both cases, our systems of traffic filtering they found and blocked the traffic, but the traffic was generated by an internal queue significant”.
As the team of the crypto exchange was still working to find the reason of the first breakdown, they were all busy at that time. Learning from the first attack, they deleted quickly the queue manually to resume the trading operations of the system.
BitMex responded to the affected users
Although it is not an attack that seek to steal money from the wallets of the users, the major problem comes from the fact that just was in a time of high volatility. So that the traders lost money by not being able to make transactions at the right time.
“The security of user data is our highest priority. There is not threat to the individual personal information because a DDoS attack is not a hack”.
BitMEX calculated the delta to the Price of the Index on the that the affected users were introduced to the buy or sell order, and then respond to these users. According to the company was reimbursed a total of 40.297 XBT .
BitMEX fine tune your security
The first thing to mention is that no system is immune to DDoS attacks. There are many techniques that can be used to reduce or eliminate the impact, but there is no way that can’t occur.
“We are making additional efforts to increase the scalability of automated under load and to further isolate the critical systems”.
As part of the ongoing efforts of monitoring and mitigation mentioned above, the team of BitMEX is currently reviewing the older parts and, therefore, the most vulnerable in the system to simplify, decouple, improve performance, and to isolate critical systems. At the same time, the team of the crypto exchange is developing the protocols for public around the time of inactivity, the suspension of the market, the resumption, and the communication. This will provide a transparency and even more for their users if they face any interruption of service in the future. On the other hand, some traders are accusing BitMEX to cause the interruption of the trading purposely to prevent the further exit of BTC from its platform in the face of great volatility. Do you think that was a trick of the crypto exchange?