DDoS attackers have gained a new target with the rise in value of cryptocurrency and the corresponding boom in new cryptocurrencies, namely the exchanges that power the trades between different cryptocurrencies, in addition to the computer systems that mine them.
Bryan Hamman, Arbor Networks’ territory manager for sub-saharan Africa, told IT News Africa recently that the cryptocurrency craze has been attracting millions of people from around the world.
“But unfortunately, it has also attracted the DDoS criminal underworld, as they look to cripple currency exchanges and potentially steal the valuable coins passing through these platforms. We see a number of worrying cases where DDoS attacks have disrupted the flow of trade on major cryptocurrency exchanges – including the likes of Bitfinex, Bittrex and Poloniex,” Hamman said.
While Bitcoin is the most famous of the cryptocurrencies, there are many others now in circulation, and exchanges are needed for people to transfer their cryptocurrencies into other crypto coin or into fiat currency, like USD or Rand. However, exchanges have come under threat from hackers with various hacks hitting the headlines, such as the one against Japan’s Coincheck in January 2018. Hackers stole $530M from users of the exchange. The money was held in NEM, a less well known digital currency. The exchange offered to refund 80% of the total lost itself, but the remaining 20% is still in question.
Furthermore, many exchanges have been hit by huge surges of legitimate traffic, particularly when Bitcoin was surging in value to over $20,000 per coin at the end of last year. The amount has now normalized to about half that value, but the feeding frenzy saw exchanges flooded with traffic. On top of that, DDoS attacks began to target the exchanges at the same time, placing yet more pressure upon them.
Hamman explains: “DDoS attackers use malware installed on thousands – even millions – of different PCs and other connected devices, essentially hijacking their resources to flood a the targeted exchange’s servers with massive volumes of traffic.
“Just like a DDoS attack on any other organisation, these assaults can pull down an exchange’s online systems, bring workflow and mission-critical processes to a halt, disrupt the trades between users, as well as causing untold reputation damage for the exchange.”
Furthermore, DDoS hackers are increasingly switching their focus to illegal cryptomining. The trend of cybercriminals installing cryptomining tools on target computers rather than tradition DDoS malware allows them to take over the host computers’ systems and computing resources and use them to power illegal cryptocurrency mining.
“This destabilises the cryptocurrency ecosystem in general, and raises concerns about using blockchain-like technology for other use-cases”, Hamman said. He added, “If virtual currencies are to truly reach mainstream adoption, and be accepted as an alternative currency to the US dollar and other major currencies, then the ecosystem will need to find ways to dealing with DDoS attacks”.