Mt. Gox: Bitcoin Exchange Under DDoS Attack

By | April 04, 2013

Posted in: Enterprise DDoS Protection

Mt. Gox, the largest Bitcoin exchange in the world, is fending off a massive Distributed Denial of Service (DDoS) attack, according to a Facebook post.

The digital currency exchange, which is based in Tokyo, said that the ongoing DDoS attack has caused trading lags, generated error messages for users and even shut down the site for a period of time, according to the post.

Security Bistro spoke to Marty Meyer, President of Corero Network Security, a provider of network perimeter security solutions, who said that the size of the exchange made it an attractive target.

“What is interesting in this case is that a DDoS attack was used to destabilize the exchange, as well as push people in to panic-selling of Bitcoins," said Meyer.

A trading surge culminated yesterday, seeing prices reach as high as $142 per coin. This has created an environment for potential currency manipulation, according to the post.

Mt. Gox handles more than 80 percent of all US Dollar trades and more that 70 percent of all currencies, giving it the kind of high-volume currency traffic that makes it an attractive cyber crime target. It has also experienced massive growth in that time, adding an average of 9,000 to 10,000 new accounts every month. This month alone, Mt. Gox saw the creation of more than 57,000 new accounts, according to their post.

"Attackers wait until the price of Bitcoins reaches a certain value, sell, destabilize the exchange, wait for everybody to panic-sell their Bitcoins, wait for the price to drop to a certain amount, then stop the attack and start buying as much as they can. Repeat this two or three times like we saw over the past few days and they profit," wrote Bitcoin in a Facebook post.

Meyer said that oragnziations like Bitcoin who do the majority of their business online, need to implement a security strategy that mitigates these malicious events to prevent the possibility of fraud.

"To combat these attacks organizations need to be able to identify where traffic is coming from, and put in place policies to block bad IP addresses from unwanted traffic such as DDoS, zero-day and server targeted attacks. Organizations cannot rely on traditional security technologies to stave off these increasingly sophisticated attacks at the perimeter which are now easily bypassing these traditional security technologies," he added.

Mt Gox officials wrote in the Facebook post that they are working on creating a new trade engine that they hope will alleviate some of these issues.

You May Also Be Interested In: