In brief

  • Bitfinex just suffered an hour-long distributed denial-of-service (DDoS) attack.
  • OKEx suffered a similar attack less than a day earlier.
  • Bitfinex CTO wants to compare the two attacks.

Hong Kong-based cryptocurrency exchange Bitfinex suffered a distributed denial-of-service (DDoS) attack today, rendering its website and services offline in most regions for under an hour.

“Services on the Bitfinex platform have resumed. We implemented a stricter protection level as a result of our platform coming under a Distributed Denial-of-Service (DDoS) attack. All issues relating to the DDoS attack have now been resolved,” Bitfinex tweeted.

Nonetheless, this downtime occurred despite the exchange claiming to use "intelligent load balancing and failover routing among servers to increase performance," in addition to Cloudflare's DDoS mitigation services. This indicates the perpetrator behind the attack was hitting the exchange with serious bandwidth.

The first attack

Yesterday, Seychelles-based cryptocurrency exchange OKEx also suffered a similar attack, which saw the website go down for several hours.

The OKex team responded to the situation by improving the performance of the platform. According to a recent Weibo post by OKEx CEO Jay Hao, the traffic behind the attack appears to come from Kazakhstan and may have been brought on by a competitor.

"OKEx Global Technology Department is on duty 24 hours a day, and completes the anti-D traffic switching in minutes," said Hao.

But were the attacks linked?

“I was not aware of the attack against OKEx yesterday. I'm interested to understand similarities. We've seen a level of sophistication that means a deep preparation from the attacker,” Bitfinex CTO Paulo Ardoino tweeted today.

It appears the decentralized exchange Deversifi—which spawned out of Bitfinex—was also affected by the attack. Perhaps it’s less decentralized than we thought.