DDoS Attack on Exmo: A Closer Look at the Incident

Understanding the DDoS Attack on Exmo

On a typical day, when you log into your preferred cryptocurrency exchange, you expect smooth sailing. However, on that fateful Monday, Exmo, a prominent London-based cryptocurrency exchange, found itself in the choppy waters of a Distributed Denial-of-Service (DDoS) attack. This was no ordinary inconvenience; the platform, which boasted a trading volume of $75 million, became essentially non-operational, as the servers were overwhelmed by malicious requests coming from infected machines worldwide.

What is a DDoS Attack?

The technical jargon can be exhausting, but here’s the scoop: a DDoS attack is like throwing a surprise flash mob of requests at a restaurant, causing it to trip over itself and, inevitably, serve all the wrong dishes. Only, in this case, the ‘dishes’ are server requests, and the restaurant—well, that would be our dear friend, Exmo. With hackers bombarding their servers, their website went down, leaving traders in a virtual limbo.

Exmo’s Response and Impact

Upon discovering the cyber assault, Exmo quickly took to Twitter to inform users and assure them that the issue was being tackled. But let’s not sugarcoat it: traders might have felt like they’d forgotten their wallets while trying to buy ice cream. As of the last update, Exmo announced, “The servers are temporarily unavailable. We are solving this issue right now. Please stay tuned.” This incident sent ripples through the cryptocurrency community as trading volumes on Exmo plummeted by about 4.9% over 24 hours.

A Troubling Pattern

This DDoS incident wasn’t an isolated hiccup for Exmo. Just two months prior, they battled another formidable foe—$10.5 million worth of cryptocurrencies vanished in a heist that left them reeling. The hackers behind that breach had managed to elude authorities, withdrawing millions in various cryptocurrencies, including $1 million in XRP and $2.8 million in ZEC.

Strengthening Security Measures

Maria Stankevich, Exmo’s Chief Business Development Officer, stated that lessons were learned and significant protocols have been put in place since the breach. For instance:

Cryptocurrency withdrawals were outsourced to the secure custody arm of the hardware wallet company, Ledger.
A bug bounty program was initiated—because who doesn’t love getting rewarded for finding flaws? It’s like an Easter egg hunt but for cybersecurity.

With these measures, Exmo is gearing up to provide a safer trading environment for its users, making them feel more like a customer at an upscale restaurant rather than a bystander to chaotic kitchen antics.

Regulatory Compliance and Future Endeavors

Let’s not forget the regulatory landscape. As of January, all exchanges operating in the UK needed to register with the Financial Conduct Authority (FCA) to comply with Anti-Money Laundering (AML) regulations. Exmo, along with others, has received a temporary registration from the FCA while they formally sort through their applications. It’s a bit like being given a hall pass but needing to show up later for class—or in this case, compliance success.