A recent distributed denial-of-service (DDoS) attack temporarily took down the servers of EXMO, the well-known British cryptocurrency exchange.
In DDoS attacks, malicious operators overwhelm domain name system (DNS) servers with a relentless barrage of what often appear to be real service requests. Employing a wide range of nefarious techniques, cybercriminals magnify the volume of DNS queries, typically using a botnet comprised of thousands of enslaved devices. The result is a quantity of traffic suddenly focused on the victim’s network. Unable to cope with the torrent of queries, the servers are knocked effectively offline and unable to respond to legitimate user requests.
Public statements regarding the recent DDoS attack
A spokesperson for EXMO commented on the incident in a notification published online, confirming the nature of the assault:
“We are currently experiencing a DDoS attack on our platform. Please note that the EXMO exchange website is now under the DDoS attack. The servers are temporarily unavailable.”
Later, in another advisory issued by EXMO via the exchange’s official Twitter account, it stated that its teams were working to address the situation and return its services to active operation. Although no further communications from the company were issued regarding the attack, the stoppage of service appears to have been temporary, as the dedicated cryptocurrency platform’s website and servers have now returned to online status and are up and running under normal parameters.
Streamlined designs for easy crypto-trading
EXMO prides itself on providing a simple-to-use platform for customers, as noted on its profile on LinkedIn:
“We pride ourselves on EXMO’s simple, intuitive interface, allowing users to begin their journey in crypto-trading easily. Our mission is to be your exchange portal to the cryptocurrency planet! Cryptocurrency is the future, and we will do our best to make this path extremely enjoyable and understandable for you.”
The British-run cryptocurrency exchange also describes itself as among the largest exchanges for cryptocurrency in Europe.
Although the platform was established back in 2014, EXMO has been registered temporarily with the UK’s Financial Conduct Authority (FCA) and is classified as a crypto asset company until July 9, 2021, after an official request was made in spring 2020.
This isn’t the first cyberattack the exchange has been subjected to. Towards the end of last year, in December, EXMO disclosed that unknown malicious actors had managed to withdraw around five percent of the exchange’s total assets after its hot wallets were compromised.
Unlike hardware or offline wallets, also known as cold wallets, which possess no online connection, hot wallets are entirely internet-connected and are employed by cryptocurrency exchanges to store certain assets temporarily for ongoing transactions and transfers of funds.
Following the previous incident, EXMO moved swiftly to suspend all user withdrawals and confirmed that all losses suffered by users during the event would be refunded in full by the British exchange.
It added that its teams were developing new infrastructure for the use of hot wallets and that measures were being taken to prevent similar events in the future.