Cloudflare detected and stopped a huge distributed denial-of-service (DDoS) attack on a cryptocurrency platform earlier this month.
A DDoS attack floods a server, service, or network with enough traffic to disrupt it, making it unavailable to users. More recently, DDoS attacks have been leveraging exploited computer systems, or bots, to send a surge of traffic at their target. That makes them harder to detect because the traffic isn’t all coming from one IP or geographic location.
Cloudflare did not identify the targeted crypto platform, saying only that it was a “crypto launchpad” used to identify decentralized finance (DeFi) projects for potential investors.
The attack, which attempted to inundate the crypto launchpad with 15.3 million requests per second, is one of the largest HTTPS DDoS attacks on record, according to Cloudflare.
HTTP, or hypertext transfer protocol, is used to send data between web browsers and the servers that host websites. HTTPS is a newer, more secure version of the HTTP protocol that encrypts the data it sends.
Cloudflare product manager Omer Yoachimik and systems engineer Julien Desgats explained in a blog post that HTTPS DDoS attacks require more computing power to execute than HTTP-centric attacks.
The attempted attack on a crypto launchpad used a botnet with upwards of 6,000 unique bots.
“It originated from 112 countries around the world,” Yoachimik and Desgats wrote on the Cloudflare blog. “Almost 15% of the attack traffic originated from Indonesia, followed by Russia, Brazil, India, Colombia, and the United States.”
The Cloudflare researchers said they’ve been tracking the botnet that launched the attack, but did not identify it or the crypto launchpad that it targeted.
DDoS attacks on the rise
Botnet DDoS attacks, which leverage large networks of exploited machines, have been on the rise.
That’s due, in part, to the sheer number of devices now connected to the internet, which can become targets of malware, turning them into bots.
“The torrent of poorly secured IoT devices entering the market each month is fueling the DDoS fire—doubling or tripling the number of exploitable devices each year, with many of them with high-speed internet connectivity and running full-stack Linux,” Nokia Deepfield co-founder Craig Labovitz wrote in February. “Not only are DDoS attacks larger, but they are also significantly more challenging to detect and mitigate.”
DDoS attacks have long been a problem for crypto sites.
In late 2017, amid the ICO boom, Cloudflare noted a spike in DDoS attacks, saying several cryptocurrency exchanges had been targeted.
In 2020, Bitfinex, OKEx, and BitMEX all suffered back-to-back DDoS attacks.
In the same year, Binance CEO Changpeng Zhao blamed rival exchanges for a DDoS attack that caused “some lag and interruption of network access.”
Most recently, Solana blamed a DDoS attack for a 17-hour network outage in September that caused the price of its native token, SOL, to fall by 18%.