A DDoS attack is in progress on the servers of the well-known Bitfinex exchange.
This was announced a short while ago by the exchange itself on Twitter, and indeed at this moment, the website is not operational.
We are investigating what seems like a distributed denial-of-service (DDoS) attack. We will keep everyone updated on here and our status page https://t.co/u3pYCVVGQq as we know more.
— Bitfinex (@bitfinex) February 28, 2020
“We are investigating what seems like a distributed denial-of-service (DDoS) attack. We will keep everyone updated on here and our status page https://bitfinex.statuspage.io as we know more”.
The website now only displays the words “We will be back online shortly. Sorry for the inconvenience”, with a reference to the bitfinex.statuspage.io website and the official Twitter profile for updates.
The status page at this moment indicates that all Bitfinex services are suspended.
The DDoS attack is a variant of the DoS attack. The latter involves targeting the server with a huge number of connections in a very short time, preventing it from responding to everyone and therefore blocking it.
The DDoS variant involves the attack not being carried out by a single machine, but by many machines, often scattered all over the world, all of which together form a botnet.
Usually, these are computers infected with computer viruses, which the attacker can activate on command to almost simultaneously send enough connection requests to the server to make it unable to respond.
When the attack ends, everything returns to the way it was before, as the only effect of a DDoS attack is to render a server temporarily unreachable.
What is surprising, however, is the fact that Bitfinex servers are undoubtedly protected from DDoS attacks thanks to special safeguards, which means that either it is a massive attack that prevents the protections in use from being effective, or these precautions are not working properly, or maybe it could be something else entirely.
Moreover, Tether, which is part of the iFinex group of which Bitfinex is also a member, published an official note yesterday regarding the appointment of a Lead Counsel by the plaintiffs in the case against Tether.
It doesn’t seem that the two events are related, although it’s not to be excluded that the DDoS attack is targeting Bitfinex precisely because of the various ongoing lawsuits that accuse Tether of manipulating bitcoin prices.
In fact in the note Tether does nothing but repeat their unrelatedness to the facts.
Bitinex, end of the DDoS attack
UPDATE: a little less than an hour after the attack announcement the website is back online, most likely because the attack has ended.
Bitfinex has stated that it has implemented a stricter level of protection, confirming that it was a DDoS attack, and that all problems related to the attack have been resolved. The exchange is therefore 100% operational again.
However, such attacks may occur again in the future, especially if the level of protection is not high enough. Raising it, however, could prevent future attacks from happening.