Last week, on March 13, the major crypto exchange BitMEX was hit by two DDoS attacks in a row. What has happened since then? The exchange itself explains.
The distributed denial-of-service (DDoS) attacks delayed or prevented buy and sell orders. This directly disrupted service for the crypto company's users.
“After these two incidents we have been working 24 hours a day to gather the post-mortem facts of the incidents,” the BitMEX team said in a press release.
The statement is intended to share some additional details and answer clients' questions. What has happened since the service stopped working? And what improvements is the exchange making?
What happened at BitMEX?
In the early hours of March 13, the first DDoS attack against BitMEX began. During a peak moment of market volatility, the botnet overwhelmed the platform through the Trollbox. This caused the bid optimizer to run incredibly inefficiently.
The platform announced that a month earlier, on February 15, these same attackers had attempted a similar attack, but without success.
“At the time, we misdiagnosed this as a failed disk, believing it to be a hardware failure with our cloud provider.”
The DDoS slowed down message processing in the exchange's API layer. The worst affected were traders who were trying to make transactions at the time.
The second attack
Ten hours after the first attack, BitMEX was the victim of another similar attack.
“In both cases, our traffic filtering systems found and blocked the traffic, but the traffic generated a significant internal queue.”
The crypto exchange team was still working to find the cause of the first crash, so everyone was busy at the time.
Having learned from the first attack, they quickly cleared the queue manually to resume trading operations.
BitMEX responded to affected users
Although this kind of attack does not seek to steal money from users’ wallets, the biggest problem was that it came at a time of high volatility. Traders lost money because they could not make their transactions at the right time.
“The security of user data is our highest priority. There is no threat to individual personal information because a DDoS attack is not a hack.”
BitMEX calculated the delta at the Index Price at which the affected users entered their buy or sell orders, and then responded to these users. According to the company, a total of 40,297 XBT was reimbursed.
BitMEX refines its security
The first thing to mention is that no system is immune to DDoS attacks. Many techniques can be used to reduce or eliminate the impact, but there is no way to guarantee that such attacks will not occur.
“Additional efforts are being made to increase automated scalability under load and to further isolate critical systems.”
As part of the ongoing monitoring and mitigation efforts mentioned above, the BitMEX team is reviewing the oldest, and therefore most vulnerable, parts of the system to simplify, decouple, improve performance, and isolate critical systems.
At the same time, the crypto exchange team is developing public protocols around downtime, market suspension, resumption, and communication. This will provide even greater transparency for its users if they face any service disruption in the future.
On the other hand, some traders are accusing BitMEX of purposely disrupting trading to prevent further BTC outflows from its platform in the face of high volatility. Do you think it was a ploy by the crypto exchange?