T he onslaught of DDoS attacks targeting bitcoin websites around the world isn’t showing any signs of abating as an Indian bitcoin exchange came under attack today. Indian bitcoin exchange Coinsecure saw a spike in traffic this Monday morning local time. The number of connections attempting to reach the website was enough to disrupt exchange activity. Operational delays ensued on its website, mobile application and other API-enabled platforms. In an email to customers, the bitcoin exchange revealed the reason for the delays. We were under a massive DDoS attack this morning that blocked traffic temporarily to our website, API and Android App. You may have experienced delays in withdrawals and deposits as well, this morning. The email, which reached customers afternoon in local time, confirmed that the website was fully operational again, following several hours of disruption. Bitcoin Exchanges. Ripe Targets? Bitcoin exchanges and websites are perhaps the most-obvious targets for DDoS extortionists seeking ransom in bitcoin. Still, Kraken CEO Jesse Powell told CCN in an earlier exchange that bitcoin companies aren’t always the best targets. “Most Bitcoin companies aren’t profitable and we’re therefore not great targets,” said Powell, whose exchange suffered a DDoS attack in November last year. Thai bitcoin exchange Bitcoin Co. Ltd., also suffered a DDoS attack in November 2015, albeit from a different perpetrator. “We have received several DDOS-ransom letters to https://bx.in.th,” Bitcoin Co. Ltd Managing Director David Barnes told CCN . “[The] last was supposedly from Armada Collective requesting 10BTC.” More importantly, he added: Attackers seem to lose interest quickly when you block them or don’t respond to their messages. CCN was also targeted in November 2015, with one extortionist communicating via email to demand 2 bitcoins in ransom. The email was ignored and we duly put up a 5 BTC reward for any information leading to a successful police report. While we came short of finding details, CCN continues to be targeted frequently with DDoS attacks. At the time in 2015, bitcoin was trading near peaks of $500 and has come a considerable way since while avoiding volatility. As the value of the cryptocurrency makes gains with stable footing, bitcoin businesses and websites continue to remain targets. A New Wave of Attacks The latest instances of DDoS disruptions could ostensibly be new wave of attacks targeting bitcoin websites. Last week, European bitcoin and altcoin exchange BTC-e was also targeted, resulting in temporary disruption of exchange activity. CCN was also the target of a DDoS attack last week. The website saw temporary disruption lasting 1-2 hours before the attacks were mitigated. Source: https://www.cryptocoinsnews.com/indian-bitcoin-exchange-suffers-outage-ddos-attacks-continue/
Continue reading here:
Indian Bitcoin Exchange Suffers Outage as DDoS Attacks Continue
Forbes’ Thomas Fox-Brewster recently reported on a DDoS-for-hire tool. For $7500, anyone who wanted to cause a little online mayhem could rent an army of 100,000 bots. Its controllers boasted that the Mirai-based botnet could unleash attacks of 1 Terabit per second or more. Now there’s a new DDoS service that’s powered by four times as many bots. 400,000 of anything sounds like a lot, but how big is that in botnet terms? A security researcher who goes by the handle MalwareTech told Bleeping Computer’s Catalin Cimpanu that this new Mirai botnet is larger than all other the Mirai botnets combined . It’s being actively promoted on the Dark Web, and its handlers are even willing to give free demonstrations of its considerable capabilities to potential customers. You don’t have to rent all 400,000 bots if you don’t want to. A customer can specify how many bots they want to rent for an attack, the duration of the attack, and the length of the “cool-down period” they’re willing to accept so the bots don’t get overtaxed. Prices are adjusted accordingly, a Bitcoin payment is made, and customers are given an Onion URL to access the botnet’s controls so they can launch their attack. Access to a service like this doesn’t come cheap. Cimpanu was quoted $3,000 to $4,000 to utilize 50,000 bots for a two-week attack with 1-hour bursts and a 5-10 minute cool-down. Apart from the massive number of bots this Mirai botnet has at its disposal, Cimpanu notes something else that differentiates it from the others. This botnet has the ability to circumvent certain DDoS mitigation techniques. Its creators have given it the ability to broadcast fake IP addresses, which makes the attacks much more difficult to disrupt. It also has one prominent attack under its belt already: the one last month that targeted a mobile telecom provider’s network in Liberia. Though reports after the fact showed that the whole country was not ever knocked completely offline, this botnet definitely seems to have the capacity to make that happen. Aimed at the right servers, a fraction of its 400,000 bots can cause widespread disruptions. Just look at what a single gamer with money to burn and an axe to grind with the Playstation Network did to Internet users all over the east coast this month. Source: http://www.forbes.com/sites/leemathews/2016/11/29/worlds-biggest-mirai-botnet-is-being-rented-out-for-ddos-attacks/#5a31b930465a