Topic: DDOS Payback - page 2. (Read 8437 times)

What if the mafia or criminal enterprises are finaly looking on Bitcoin as a tool for their shady financial activities. They want some coins for testing so they DDOSed and manipulated the price down, so they can bought a lot of them for cheap. 

The purpose is to kill off Bitcoin as a currency and as a community.

Almost every major Bitcoin website has been under DDOS attack over the past few days. It’s becoming a real problem, not just for the exchanges. It is also opening up other vulnerabilities.

Installing defensive tech (like cloudflare) is not enough. Isn’t the Bitcoin community supposed to include some of the best hackers in the world? We should set up a bounty and take the fight to whatever botnets are trying to mess with Bitcoin.

As long as attackers can get away with it for free, attacks will continue. Let's just readjust their incentives a bit  

I suggest setting up:

0. Reward for proving that there is a real attacker
1. Reward for whoever can identify the source of the attacks
2. Bounty for taking down (with prejudice) any major attackers


Considering the potential losses for major Bitcoin businesses if these attacks continue, I’m sure pledging a few coins each for this would be worthwhile. It might also be a good project for the Bitcoin Foundation...

To mitigate these types of attacks you just run multiple versions of the site in multiple virtual machines and simple pause one of them, take a snapshot, make the snapshot live. The data can be migrated in the background.  Basically the way to defeat the DDOS is by cloud based migration.

This is true. I've seen all bitcoin related service suffer the same fate in the last few days, including Rugatu, and I don't seem to understand what is the purpose of this sustained attack.

This page (https://blockchain.info/) is currently offline. However, because the site uses CloudFlare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Always Online™ is powered by CloudFlare | Hide this Alert

Let me explain about DDoS (I know many here know).

The problem is it's like standing in the middle of a clear field against an unseen army in the forest. You have to stand in the field so people can find you, but you're completely exposed to attack. You just have to be able to take everything that comes your way.

Translated to Web technology this means most sites exposed to significant DDoS attack are effectively disabled. There are mitigation techniques/software to reduce the effectiveness of attacks, but as the link provided above, which gives good information, points out even spending thousands of dollars on expert defenses is not always enough. The only real answer, like standing in that field, is to be big enough and bad enough to take it, having loads of bandwidth, servers, software etc. to ride the attack out. Cloudflare is something that helps the issue greatly, because they take the expensive problem many have independently and address it with consolidated resources. Still, it's an underdog fight to start with.

So how to effectively address DDoS? You might try finding the attacker(s) using social means as mentioned. The problem there is you'll never find everyone if anyone. Pooling resources, money, brain power, etc. in the style of Cloudflare in more organized ways might help.

The problem is more systemic. For example, there are DDoS extortion cases where it's less costly for a victim site, like a profitable gambling one, to pay a ransom then suffer extended downtime.

I'd say you really have to take away the main weapon which is botnets. To do that you have to provided better security against computer sheeple allowing their computers to be used unwittingly. I actually had a business idea which was a computer that was virus proof (it basically stored files in a compartmentalized way, and clean re-installed the OS with a click or on automated schedule) but never developed it.

How exactly do large scale companies deal with DDOS?

Like Banks, Ebay, US Gov sites, etc?

0. Reward for proving that there is a real attacker

This needs to stop... These "DDOS" attacks are just killing BTC. When the price routinely drives down, people will start to cut their losses and move on.

banks can't legally do it. at least not here in the US.

..while running a DDoS on the whole of Wales in the background mwahahah!!

That is funny. A virus fighting virus attack.

Maybe reset their background to a picture of the lone ranger with a message "Your system is now free from bad guys"

Most vaccines contain a little bit of a disease germ that is weak or dead.

I'd guess that means a bot could target them with the same attack to install and update an antivirus and remove all the spam toolbars from their browser.

If most of the IP's used in DDoS's are infected PC's then wouldn't that mean most of these PC's are vulnerable to attacks?

I'd guess that means a bot could target them with the same attack to install and update an antivirus and remove all the spam toolbars from their browser.

Related:


 - http://news.netcraft.com/archives/2013/04/11/mt-gox-victim-of-own-success-as-bitcoins-fall-in-value.html