Bitcoin Exchanges Under Siege

Almost three out of four Bitcoin exchanges and related cryptocurrency sites have suffered a DDoS attack in the third quarter of 2017, said DDoS mitigation firm Imperva Incapsula in a report released recently.

The reason why attackers have shifted focus to Bitcoin sites isn't that hard to figure out. Since the start of the year, Bitcoin's price has exploded from $950 to over $17,000 this week.

As a hacker known as An0CBR told this reporter back in 2015, there's a flourishing underground market where Bitcoin site operators pay to take out their competition. With Bitcoin prices going through the roof, less scrupulous site operators would have most likely chosen to order DDoS attacks on their competitors in order to steal business away from those services.

Furthermore, we also can't rule out DDoS ransom demands, which in the past two years have gone through the roof, along with attempts to manipulate Bitcoin price.

Igal Zeifman, Director of Marketing at Imperva Incapsula, sees the shift toward the Bitcoin market as a natural shift from attackers, who "are drawn to successful online industries, especially new and under-protected ones."
DDoS capabilities are getting bigger

As for the rest of the quarter, the Incapsula report contains some significant developments. First and foremost, the company saw a rise in DDoS capabilities. The company detected more large-scale attacks in terms of packets-per-second but also traffic-per-second.

Imperva said it recorded over 144 DDoS attacks that blasted over 100 million packets per second (Mpps) at their targets in Q3, up from only 6 such attacks recorded in Q1 2017. The company says the largest DDoS attack it mitigated terms of sheer size peaked at 299 Gbps, and targeted its own IP ranges, in an attempt to down its systems.

A report from rival Cloudflare saw the same growth in attack size, with Cloudflare saying it often mitigates 400+ Gbps DDoS attacks at regular intervals.

Most DDoS attacks are now multi-vector
But the rise in DDoS capabilities wasn't the primary trend Imperva experts noticed. After adjusting their DDoS calculation algorithms, the company says that over 70% of today's DDoS attacks are multi-vector.
Multi-vector attacks are DDoS incidents where an attacker uses different protocols for the DDoS assault, such as SYN, TCP, UDP, ICMP, NTP, DNS, and others.

Attackers usually probe companies with multiple vectors in the beginning and then focus on the one that's most effective against a target's current defenses. Furthermore, attackers switch vectors at short intervals in case they want to keep DDoS mitigation teams on their toes and prolong the attack's efficiency before companies can track down the source and nature of attacks.

The 70% figure also means that most of these attacks are now launched from advanced botnets or DDoS-for-hire services that can handle multiple attack vectors, and not your do-it-yourself DDoS apps that someone can find to download on shady Internet sites.

Bleeping Computer

You Might Also Read:

Bitcoin: UK And EU Will Crackdown On Crime & Tax Evasion:

Bitcoin Just Isn’t Anonymous Enough:
 

 

« British Banks Are Hiding Cyber Attacks
Botnets Are Here To Stay »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CERT.LV

CERT.LV

CERT.LV is the national Computer Emergency Response Team for Latvia.

DXC Technology

DXC Technology

DXC Technology helps global companies run their mission critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability.

Perception Point

Perception Point

Perception Point is a Prevention-as-a-Service company, built to enable digital transformation. Our platform offers 360-degree protection against any type of content-based attack.

TechVets

TechVets

TechVets is a non-for-profit helping UK veterans and service leavers retrain into Cyber Security and Technology jobs.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

Bluink

Bluink

Bluink specializes in identity and access management and customer identity verification, using your smartphone as a strong authenticator and secure identity store.

Cambridge Cybercrime Centre

Cambridge Cybercrime Centre

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

972VC

972VC

972VC was created to help entrepreneurs find potential funding for their startups. Your guide to the Israeli startup funding ecosystem.

Newberry Group

Newberry Group

The Newberry Group provides comprehensive IT services and solutions that optimize operations, minimize risk and deliver measurable business value.

Rede Nacional CSIRT

Rede Nacional CSIRT

Rede Nacional CSIRT is a national network of CSIRTs in Portugal aimed at cooperation and mutual assistance in the handling of incidents and in the sharing of good security practices.

Teleport

Teleport

Teleport is a remote-first technology company. We enable engineers to quickly access any computing resource anywhere on the planet.

Exceed Cybersecurity & I.T. Services

Exceed Cybersecurity & I.T. Services

Exceed Cybersecurity & I.T. Services is a premier Managed Internet Technology (I.T.) company with a focus in cybersecurity risk management and CMMC compliance management.

Extreme Networks

Extreme Networks

Since 1996, Extreme has been pushing the boundaries of networking technology, driven by a vision of making it simpler and faster as well as more agile and secure.

Cybalt

Cybalt

Cybalt is a security services company that provides end-to-end security solutions to help clients achieve their business goals.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.

Anjolen

Anjolen

Anjolen provides expertise in cybersecurity, compliance and cyber forensic services.