Bitcoin Exchanges Under Siege

Almost three out of four Bitcoin exchanges and related cryptocurrency sites have suffered a DDoS attack in the third quarter of 2017, said DDoS mitigation firm Imperva Incapsula in a report released recently.

The reason why attackers have shifted focus to Bitcoin sites isn't that hard to figure out. Since the start of the year, Bitcoin's price has exploded from $950 to over $17,000 this week.

As a hacker known as An0CBR told this reporter back in 2015, there's a flourishing underground market where Bitcoin site operators pay to take out their competition. With Bitcoin prices going through the roof, less scrupulous site operators would have most likely chosen to order DDoS attacks on their competitors in order to steal business away from those services.

Furthermore, we also can't rule out DDoS ransom demands, which in the past two years have gone through the roof, along with attempts to manipulate Bitcoin price.

Igal Zeifman, Director of Marketing at Imperva Incapsula, sees the move toward the Bitcoin market as a natural shift for attackers, who "are drawn to successful online industries, especially new and under-protected ones."

DDoS capabilities are getting bigger

As for the rest of the quarter, the Incapsula report contains some significant developments. First and foremost, the company saw a rise in DDoS capabilities. It detected more large-scale attacks, both in terms of packets per second and in terms of traffic per second.

Imperva said it recorded over 144 DDoS attacks that blasted over 100 million packets per second (Mpps) at their targets in Q3, up from only 6 such attacks recorded in Q1 2017. The company says the largest DDoS attack it mitigated in terms of sheer size peaked at 299 Gbps and targeted its own IP ranges, in an attempt to take down its systems.

A report from rival Cloudflare saw the same growth in attack size, with Cloudflare saying it often mitigates 400+ Gbps DDoS attacks at regular intervals.

Most DDoS attacks are now multi-vector

But the rise in DDoS capabilities wasn't the primary trend Imperva experts noticed. After adjusting their DDoS calculation algorithms, the company says that over 70% of today's DDoS attacks are multi-vector.

Multi-vector attacks are DDoS incidents where an attacker uses different protocols for the DDoS assault, such as SYN, TCP, UDP, ICMP, NTP, DNS, and others.

Attackers usually probe companies with multiple vectors in the beginning and then focus on the one that's most effective against a target's current defenses. Attackers also switch vectors at short intervals when they want to keep DDoS mitigation teams on their toes and prolong the attack's effectiveness before companies can track down the source and nature of the attacks.

The 70% figure also means that most of these attacks are now launched from advanced botnets or DDoS-for-hire services that can handle multiple attack vectors, and not your do-it-yourself DDoS apps that someone can find to download on shady Internet sites.
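For a mitigation team, the multi-vector definition above comes down to a check on per-vector traffic counters. The following is an added example, not taken from the Imperva report or the original article: it marks an incident as multi-vector and lists the intervals at which the set of active vectors changes. The sample data, the baselines and the 10x threshold are constructed assumptions.

```python
from collections import namedtuple

# One counter reading: interval start (seconds), vector label, packets/second.
Sample = namedtuple("Sample", "t vector pps")

# Assumed normal per-vector packet rates for the protected site (constructed).
BASELINE_PPS = {"SYN": 2_000, "UDP": 5_000, "ICMP": 200, "NTP": 50, "DNS": 3_000}
THRESHOLD_FACTOR = 10  # assumption: a vector is "active" above 10x its baseline

# Constructed sample readings, as a flow collector might summarize them.
SAMPLES = [
    Sample(0, "SYN", 1_800), Sample(0, "UDP", 4_900), Sample(0, "DNS", 2_700),
    Sample(60, "SYN", 900_000), Sample(60, "UDP", 5_100), Sample(60, "NTP", 40),
    Sample(120, "SYN", 850_000), Sample(120, "NTP", 400_000),
    Sample(180, "SYN", 2_100), Sample(180, "NTP", 650_000),
    Sample(180, "DNS", 120_000),
    Sample(240, "DNS", 2_900), Sample(240, "UDP", 4_800),
]

def active_vectors(samples):
    """Map each interval start time to the set of vectors above threshold."""
    by_time = {}
    for s in samples:
        by_time.setdefault(s.t, set())
        # A vector with no baseline gets a limit of 0, so any traffic flags it.
        limit = BASELINE_PPS.get(s.vector, 0) * THRESHOLD_FACTOR
        if s.pps > limit:
            by_time[s.t].add(s.vector)
    return dict(sorted(by_time.items()))

def summarize(samples):
    """Report all vectors seen, whether the incident is multi-vector,
    and each interval where the active vector set changed."""
    seen, switches, prev = set(), [], set()
    for t, vectors in active_vectors(samples).items():
        if vectors and prev and vectors != prev:
            switches.append((t, sorted(prev), sorted(vectors)))
        if vectors:
            prev = vectors
        seen |= vectors
    return {"vectors": sorted(seen),
            "multi_vector": len(seen) > 1,
            "switches": switches}

if __name__ == "__main__":
    print(summarize(SAMPLES))
```

A short switch interval in the `switches` list is the signal that per-vector mitigation rules need to stay in place after a vector goes quiet, since the same vector may return.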

Bleeping Computer
