Author

Topic: So mt. gox keeps getting attacked (DDOS) they release this statement (Read 1085 times)

legendary
Activity: 966
Merit: 1004
CryptoTalk.Org - Get Paid for every Post!
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
So, do you think then this was an attempt to drop the BTC price?  There was a DDOS on 3/29 right?  That set up a nice drop to buy in on, perhaps they hoped to duplicate that success.

Serious question: Can an entity attack itself on purpose to somehow use an attack to their advantage?

If I'm not mistaken, this forum was attacked while under the previous owner, whereupon afterwards said owner wanted to get from underneath this, thus offering it up for sale, whereupon Mt. Gox stepped in immediately and said they would take it, whereupon another offer was made, whereupon the previous owner told second offerer that the deal was already done with Mt. Gox.
full member
Activity: 122
Merit: 100
So, do you think then this was an attempt to drop the BTC price?  There was a DDOS on 3/29 right?  That set up a nice drop to buy in on, perhaps they hoped to duplicate that success.
sr. member
Activity: 504
Merit: 250
I don't understand why Gox didn't put up a statement on their page that trade was suspended the next x hours until they got it sorted. Their dashing for bringing trading up asap without having isolated the problem made them take another round of DDossing.  They should also have posted that they have a kill switch on the trading engine that would render any account hacking attempts void and peoples accounts were safe. Like a proper exchange.

Also when they came back up, there was a period of 10-15 minutes where some were able to trade and others not.

So yeah, they could have handled this better, but that's easy for me to state in hind sight. They were clearly panicking, trying to fix this as fast as possible, and actually adding to panic by being officially silent for most of the trading day.

I understand why, but try keeping a good reputation isn't a valid reason for me. If a lot people know that Gox is under DDOS to push the the USD/BTC exchange rate down and gives the attackers the possibility to buy BTC for cheap, would stabilize the market because people get the reason and don't think that Gox is very unstable or there is a crash ahead.

I was not tempted to buy back cheap and was waiting any second to se hacked accounts being emptied on the book like in 2011.

I kind of figured that this was a criminal attack as the DDossing was followed by order stuffing i.e. filling up the orderbook que with millions of small orders to prevent any body else trading. The sign of that was that the orderqueing buffer overflowed independent of the DDossing! Gox first statement was that they were down because of high volume. So they believed themselve that it was ordinary traffic which again means that the hackers had been probing GOX to find time where their DDossing would have the greatest effect
and be most easily masked. So this was a serious attack aimed at getting a lot of money to the attackers.

sr. member
Activity: 255
Merit: 250
Quote
Last year, Mt.Gox saw an average of 9,000 to 10,000 new accounts created every month. This number doubled in January, tripled in February, and sextupled in March. In this month alone, over 57,000 new accounts were created!

57,000 whoa
full member
Activity: 121
Merit: 100
I don't understand why Gox didn't put up a statement on their page that trade was suspended the next x hours until they got it sorted. Their dashing for bringing trading up asap without having isolated the problem made them take another round of DDossing.  They should also have posted that they have a kill switch on the trading engine that would render any account hacking attempts void and peoples accounts were safe. Like a proper exchange.

Also when they came back up, there was a period of 10-15 minutes where some were able to trade and others not.

So yeah, they could have handled this better, but that's easy for me to state in hind sight. They were clearly panicking, trying to fix this as fast as possible, and actually adding to panic by being officially silent for most of the trading day.

I understand why, but try keeping a good reputation isn't a valid reason for me. If a lot people know that Gox is under DDOS to push the the USD/BTC exchange rate down and gives the attackers the possibility to buy BTC for cheap, would stabilize the market because people get the reason and don't think that Gox is very unstable or there is a crash ahead.
legendary
Activity: 1190
Merit: 1001
Could we be seeing the first governmental attacks on bitcoins?  Or do you think it's just hackers trying to make a quick buck?
sr. member
Activity: 504
Merit: 250
I don't understand why Gox didn't put up a statement on their page that trade was suspended the next x hours until they got it sorted. Their dashing for bringing trading up asap without having isolated the problem made them take another round of DDossing.  They should also have posted that they have a kill switch on the trading engine that would render any account hacking attempts void and peoples accounts were safe. Like a proper exchange.

Also when they came back up, there was a period of 10-15 minutes where some were able to trade and others not.

So yeah, they could have handled this better, but that's easy for me to state in hind sight. They were clearly panicking, trying to fix this as fast as possible, and actually adding to panic by being officially silent for most of the trading day.
legendary
Activity: 1722
Merit: 1217
http://www.facebook.com/MtGox/posts/453409538076792

parts that concern me: What can be done? Believe it or not, there is pretty much nothing that can be done. Large companies are frequently victims of these kinds of attacks. Even though we are using one of the best companies to help us fight against these DDoS attacks, we are still being affected.

but then they go on to say this: There are a few things that we can implement to help fight the attacks, such as disconnecting the trade engine backend from the Internet. By separating the data center from the Mt.Gox website, we will continue to be able to trade.

also this: We are working on it by creating a new trade engine that will solve many problems, but it’s not a magic bullet

its inevitable that exchanges in the future will need to become decentralized in a manner not dis-simlar to bitcoin its self. Then the exchanges would be ddos proof in the same way that bitcoin is ddos proof.
hero member
Activity: 490
Merit: 500
... it only gets better...
sr. member
Activity: 294
Merit: 250
they made a post on reddit but it's already been overflown basically.

vote it up : http://www.reddit.com/r/Bitcoin/comments/1bmwsa/mtgox_statement_regarding_ddos_and_trading_lag_on/
legendary
Activity: 840
Merit: 1000
Thank you Mt.Gox team for this information. This was some MUCH needed communication with the community. I commend you. Continuing this type of communication with the community will make a world of difference as to how the Mt.Gox team is perceived.
sr. member
Activity: 294
Merit: 250
http://www.facebook.com/MtGox/posts/453409538076792

parts that concern me: What can be done? Believe it or not, there is pretty much nothing that can be done. Large companies are frequently victims of these kinds of attacks. Even though we are using one of the best companies to help us fight against these DDoS attacks, we are still being affected.

but then they go on to say this: There are a few things that we can implement to help fight the attacks, such as disconnecting the trade engine backend from the Internet. By separating the data center from the Mt.Gox website, we will continue to be able to trade.

also this: We are working on it by creating a new trade engine that will solve many problems, but it’s not a magic bullet
Jump to: