Topic: [ANN] KRAKEN.COM - Exchange with USD EUR GBP JPY CAD BTC LTC XRP NMC XDG STR ETH - page 195. (Read 628889 times)

All right I get it.
However, once action happens, trading on the website like placing/cancelling orders is not possible for me.
Good to know you are working on a system upgrade.

website unavailable again

should change that to useless 

no honestly, this is stooopid

One word: Incapsula

As I mentioned before, this may be due to increased trade action under those circumstances rather than increased level of attack under those circumstances. With the heavy increase in traffic, some legit, some not, our systems are under heavy load and part of the solution we are working on is a system upgrade. 

Sure, if the attackers are trading on our exchange, then they wouldn't be relying on having access while access is limited. But that doesn't mean that there's no way for them to profit from it. They might be trying to initiate a market crash so they can pick up cheaper coins later, or they might open a short position beforehand looking to close it later after the crash. The market can still move during an attack, because DDoS doesn't usually take down servers - it constrains the access to those servers and different people may experience different levels of access. Some may have no access while others just find that the site is slow for them. It can also happen that people aren't able to login and trade on our platform, but the API is still working. So people can have different levels of access, but there's no group with privileged access.

I should emphasize that we don't know if the attackers are trading on our exchange, only that they could be. It may even be that the attacks are not intended to manipulate price. Maybe the attackers have some other motive, but this seems less likely.  

Dargo,

Scary stuff.
My observation from the last 3 hours is, that as long the price is moving *not close* to any important trend line, the site is accessible. But, at the very moment when the price moves very close to an important trend line (possible breakout expected), site becomes inaccessible or as I am logged in already it stoppes responing at all. - this happened the last 3 hour every single time for such a case.  So the last 3 hours wasn't any breakout or huge price move, and the site became accessible again.
But during my trading yesterday, once  larger price moves happened, it was impossible to perform any action until about 5 -10 minutes after heavy price movements had stopped.
It's obvious that this didn't help me to prevent losses or take profits.

The scary part is, that it really happened every single time. So the attackers clearly seem to know what they are doing.
Anyone else observing similar things ?

action starts, and kraken goes belly up 

bad habit for a business

I've alerted support to your request and they will respond as soon as they can.

I've alerted support to your request and they will respond as soon as they can.

Dargo can you please check request 65457. It`s very urgent. Thanks a lot!

The same moment that happened to them, they should stop the trading. Many got margin called, while they were unable to close the positions because their site was unavailable!

If your website is down and API unaccessible how is price moved? Who can place market orders while all the rest can't? Why the attackers are so confident they can trade at Kraken while all the rest can't?

Is there a customer or group of customers that have privileged access to your trading engine? They must also have access to the order book, including hidden orders! They can profit only if they know at what price level majority of 'take profit' and 'margin liquidation' orders are grouped.

Dargo. Please check request 65448. Thank you.

Hi All,

We've been under DDoS all day (since about 5 am PDT). We managed to mitigate it pretty well but it never went away, has varied in intensity, and still impacts site performance. Whoever is doing the DDoS is probably doing it to manipulate price and of course they are going to try to cause trouble right when the market starts to move and is most ripe for manipulation. Also, heavy trade action puts more load on our resources and, when we're also under DDoS, could contribute to the site being less responsive.

So, yes, there's a correlation right now between site access/performance and heavy price action. I'm not sure why people think this correlation is reason to question the DDoS explanation because the explanation fits perfectly well. Sure, there are other explanations that fit too, and ultimately we can't prove to you that it's in fact DDoS and not something else. I understand why people are inclined to distrust exchanges though in light of history.

We are investigating to see if we can find a connection between the DDoS and trading on our site and will take appropriate action if we can identify someone, but it may be very hard to do so.

As I already mentioned, we will also further enhance our DDoS protection. But DDoS protection only comes in degrees, so making it stronger can't rule out the possibility of being impacted by a larger attack.

 

No way that Kraken would risk doing just that. (IMO)
Plenty of other possible bottlenecks "could" play a part  (just brainstorming here) :
Just to name a few:
- server/hardware configuration/setup (tweaking/upgrade needed?)
- database processes handling (tweaking needed?)
- general coding (rewriting parts of code to use resources more effective - that takes long but often makes the difference)
- Cloudflaire protection filter tuning (balancing between fastest possible access of clean traffic while malicious traffic gets blocked)
etc etc.





(edited for wording)

I experience the exact same behavior. Once price movement gets heavy, it starts lagging and then ... site becomes inaccessible.
After heavy price movement is over, site becomes accessible again.
And exactly this lets many of us think twice about the officially reason given (DDoS).
Whatever it is, I am sure tech staff is working to resolve it. Why? Because it's a normal thing to do for professional folks at Kraken.
After all, Kraken's reputation is at stake here.

Problems happen, but it's the way how to deal with / solve them, which sets a company apart from the rest.


Release the Kraken !
Cheers

WHERE IS YOUR SUPPORT?

I don't believe there are DDoS atacks. The 'DDoS' attacks, as Serpens66 pointed out, always coincide with strong price movements. Kraken's customers can't take advantage of obvious trading and arbitrage opportunities. Usually this is unmistakable sign of insider manipulating profit taking and margin liquidation price levels.

That is exactly what I pointed out too:

However, Kraken claims that the trade volume and this problem are not related.
I am not sure what to believe.

the DDOS starts exactly to the moment of the big price movement?? (right now)