Bitcoin Exchange Mt. Gox DDoS Attack: It’s Been an Epic Few Days
Bitcoin Exchange Mt. Gox Attacked!
Mt. Gox responds on Facebook about it’s DDoS attack and the epic week the Bitcoin exchange has had.
It’s been an epic few days: What happened?
Dear Mt.Gox users and Bitcoiners,
It’s been an epic few days on Bitcoin, with prices going up as high as $142 per BTC. We all hope that this is just the beginning!
However, there are many who will try to take advantage of the system. The past few days were a reminder of this sad truth.
Mt.Gox has been suffering from its worst trading lag ever, 502 errors, and at one point some users were not able to log in their account. The culprit is a major DDoS attack against Mt.Gox.
Since yesterday, we are continuing to experience a DDoS attack like we have never seen. While we are being protected by companies like Prolexic, the sheer volume of this DDoS left us scrambling to fine-tune the system every few hours to make sure that things don’t go beyond a few 502 error pages and trading lag.
Why has Mt.Gox become the target of a DDoS attack?
It is not yet clear who is behind this DDoS and we may never know, but these actions seem to have two major purposes:1. Destabilize Bitcoin in general.
It is not a secret Mt.Gox is the largest Bitcoin exchange with more than 80% of all USD trades and more than 70% of all currencies. Mt.Gox is an easy target for anyone that wants to hurt Bitcoin in general.2. Abuse the system for profit.
Attackers wait until the price of Bitcoins reaches a certain value, sell, destabilize the exchange, wait for everybody to panic-sell their Bitcoins, wait for the price to drop to a certain amount, then stop the attack and start buying as much as they can. Repeat this two or three times like we saw over the past few days and they profit.What can be done?
Believe it or not, there is pretty much nothing that can be done. Large companies are frequently victims of these kinds of attacks. Even though we are using one of the best companies to help us fight against these DDoS attacks, we are still being affected.There are a few things that we can implement to help fight the attacks, such as disconnecting the trade engine backend from the Internet. By separating the data center from the Mt.Gox website, we will continue to be able to trade.
What can you do?
Like our favorite author here at Tibanne says… Don’t Panic!“Panic-selling is a wide-scale selling of an investment which causes a sharp decline in prices. Specifically, an investor wants to get out of an investment with little regard of the price obtained. The selling activity is problematic because the investor is selling in reaction to emotion and fear, rather than evaluating the fundamentals.” (Source: Wikipedia)
I understand that many of you have a lot at stake here, but remember that Bitcoin, despite being designed to have its value increase over time, will always be the victim of people trying to abuse the system, or even the value of Bitcoin decreasing occasionally. These are not new phenomena and have been present since the beginning of time when humans first started trading.
Trade Engine Lags
Lag affects everyone, not only us, but also major, world-renowned exchanges like the NASDAQ and NYSE. We can fix lag, but we cannot eradicate lag. Only small exchanges with low volume and liquidity are immune to lag.Does this mean that we are giving up fighting lag? Hell, no. We are working on it by creating a new trade engine that will solve many problems, but it’s not a magic bullet. We can always try to scale our servers, but we cannot predict what happens from external sources: DDoS, panic selling, immediate increase of buyers, etc. Lag will always be there, but our mission is to make lag as small as possible.
Account Verification
As if a major DDoS attack was not enough, we at Mt.Gox are victim of our own success!Last year, Mt.Gox saw an average of 9,000 to 10,000 new accounts created every month. This number doubled in January, tripled in February, and sextupled in March. In this month alone, over 57,000 new accounts were created!
Our support and account verification team went from four people in January 2012 to twenty-two people working every day of the week. We are now hiring even more people to solve this problem by finalizing some deals with external companies.
Remember that even if you are waiting for your account to be verified, you can still deposit or withdraw funds via our Japanese account and make your trades! (Only accounts that we pro-actively required to be verified are limited to deposits and trade only.)
Finally
We have seen a significant amount of comments on the web (various forums, Reddit, etc.) that portray Mt.Gox as a company held by “idiots” and other rather rude words, complaining about inability to deal with lag and other system issues, without understanding the magnitude of work and attacks we are facing every day.I understand the frustration many of you feel. We hate this situation as well. Since we took over Mt.Gox, we have been through Hell and back and we are still here. We are still the largest exchange with over 420,000 trades per month and USD $121 million monthly trade volume. We have worked our way through all the requirements needed to run our exchange legally.
Now, there are some things we can improve, but so far we are doing an incredible job that no other exchange has been able to do so far. While I understand a certain amount of frustration, realize what we have accomplished. I appreciate all the work you are doing everyday to push things forward and to help secure the future of Bitcoin
And to all of you who are supporting us on a daily basis, thank you! We could not have done any of this without your help!
[…] April 2013, Mt.Gox was hit with denial of service attacks. “It’s been an epic few days on Bitcoin,” said Mt.Gox, “with prices going up as […]
[…] April 2013, Mt.Gox was hit with denial of service attacks. “It’s been an epic few days on Bitcoin,” said Mt.Gox, “with prices going […]
[…] exchange has been plagued with liquidity and security issues over the last year. These include denial of service attacks in April 2013 and halted USD withdrawals in June 2013. Each event caused a […]
[…] exchange has been plagued with liquidity and security issues over the last year. These include denial of service attacks in April 2013 and halted USD withdrawals in June 2013. Each event caused a price […]