The Mt. Gox Bitcoin exchange has been subjected to a major DDOS attack. Trading on the exchange, which handles most trades in Bitcoins, has been sluggish as the site struggles to get back on an even keel. According to a press release issued today by Mt. Gox, “Since yesterday, we are continuing to experience a DDoS attack like we have never seen. While we are being protected by companies like Prolexic, the sheer volume of this DDoS left us scrambling to fine-tune the system every few hours to make sure that things don’t go beyond a few 502 error pages and trading lag.”

It adds: “It is not yet clear who is behind this DDoS and we may never know, but these actions seem to have two major purposes: Destabilise Bitcoin in general.It is not a secret Mt.Gox is the largest Bitcoin exchange with more than 80 per cent of all USD trades and more than 70 per cent of all currencies. Mt.Gox is an easy target for anyone that wants to hurt Bitcoin in general. Abuse the system for profit. Attackers wait until the price of Bitcoins reaches a certain value, sell, destabilise the exchange, wait for everybody to panic-sell their Bitcoins, wait for the price to drop to a certain amount, then stop the attack and start buying as much as they can. Repeat this two or three times like we saw over the past few days and they profit.”

The value of Bitcoins hit a record high this week of $147. But they dropped sharply in value as the Mt. Gox exchange came under attack. Marty Meyer, president at Corero Network Security, comments: “As the largest Bitcoin exchange in the world, Mt. Gox is certainly an attractive target for attackers. What is interesting in this case is that a DDoS attack was used to destabilise the exchange, as well as push people in to panic-selling of Bitcoins. As Mt. Gox themselves have said, large companies are frequently victims of these kinds of attack. No industry as we are seeing is immune to DDoS attacks which are consistently growing in size and power."

He adds: "To combat these attacks organisations need to be able to identify where traffic is coming from, and put in place policies to block bad IP addresses from unwanted traffic such as DDoS, zero-day and server targeted attacks. Organisations cannot rely on traditional security technologies to stave off these increasingly sophisticated attacks at the perimeter which are now easily bypassing these traditional security technologies. Although Mt. Gox’s services have been affected, they have dealt with the attack in the best way possible, by identifying the issue, and are now working to disconnect the backend trading engine from the Internet, meaning the Bitcoin exchange can no longer be destabilised through a DDoS attack. However, this hasn’t stopped Bitcoin from losing revenue and having traders put at risk. Organisations need to have plans in place and technology designed specifically to identify and stop these new breeds of cyber attacks at the perimeter.”

Share Story: