In brief

  • EXMO, a UK-based cryptocurrency exchange, suffered a DDoS attack.
  • The website was down for hours.
  • Attackers stole $10 million from the exchange in December.

Servers for the UK-based cryptocurrency exchange EXMO were down this morning in the wake of a DDoS attack.

The service was unavailable for about three hours, and has since come back online, according to a representative for the company.

“EXMO's resumed its work,” the spokesperson told Decrypt. “Now everything is running properly. Unfortunately, with a splash in market activity, which undoubtedly drives a positive change, many negative phenomena are back as well. DDoS, which we’ve faced, is just one of them.”

She also clarified that the attack affected the company's entire infrastructure, "including the website, API, Websocket API and exchange charts," and said additional security measures are being implemented to prevent this sort of thing in the future.

A DDoS (distributed denial of service) attack is a coordinated attempt to overload a website and interrupt online activity. It’s a common tactic among malicious actors in the crypto space: sites for Binance, Bitfinex, and OKEx have all experienced DDoS attacks.

Last month, service issues on the anonymous browser service Tor were chalked up to a form of DDoS attack.

And while EXMO hasn’t shared much information about the severity of the incident, this attack comes less than two months after a security breach that drained about 5% of the company's assets.

At the time, analysts told Decrypt that over $10 million may have been stolen from the exchange.

EXMO has been around since 2013, and pitches itself as a competitor to more popular global crypto exchanges. A short “about us” page on its website boasts “more than six years of operation without data leaks and hacks,” which should probably be updated at some point.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.