The Latest Victims of DDoS Attacks: Banks and Bitcoin XT

While banks are increasingly evaluating the merits of blockchain technology, they are typically not mentioned in the same sentence as Bitcoin XT, the controversial proposal to increase Bitcoin’s block size.

Today, however, they have the unfortunate privilege of sharing at least one thing in common: both have reportedly become targets of DDoS (distributed denial of service) attacks. These involve an attacker, from distributed points of origin, attempting to overwhelm a central server with enough requests to knock it out of service.

Join the iFX EXPO Asia and discover your gateway to the Asian Markets

In the wilder days of 2013 -14, and to an extent, even today, such attacks were a common problem faced by bitcoin exchanges and other services. In those cases, the strategy was to overwhelm the system so as to break down its defenses that protect precious assets, such as bitcoin wallets.

The elementary damage is simply the downtime experienced by the website. According to Neustar, cited by Bloomberg in a piece on the latest wave of attacks hitting banks, large enterprises stand to lose as much as $100,000 per hour. There is also reputational damage inflicted when customers begin to question the service’s reliability.

Indeed, at least two companies- a bitcoin gambling business and an unnamed bank- have caved in during the latest ‘DD4BC’ attacks. An acronym for “DDoS for Bitcoin”, the gang threatens to take down websites if a bitcoin ransom isn’t paid by a certain time. Demands range from 25 BTC ($6,150) to 100 BTC ($25,000).

And the attackers are not forgiving. After an initial attack to prove their capabilities, the victim is warned that a full-scale version will be unleashed if payment is not received within 24 hours. “But if you ignore us, and don’t pay within 24 hours, long term attack will start, price to stop will go to 100 BTC and will keep increasing for every hour of attack,” say the attackers, via e-mail.

Once payment is made, the victim is ostensibly off the hook. “Remember this: It’s a one-time payment. Pay and you will not hear from us ever again! We do bad things, but we keep our word.”

DD4BC is one of the latest weapons in an arms race between cybercriminals and cybersecurity. A popular iteration reported earlier this year was ransomware such as CryptoLocker that locks a victim’s files, threatening to render them permanently encrypted if a bitcoin ransom isn’t paid.

In all cases, Bitcoin is the trusted agent for payment, leaving the attackers practically anonymous and not apprehendable, and the payment irreversible.

Bitcoin XT Gets Its Turn

The heated, at times ugly issue of Bitcoin’s block size may have stooped even lower. MIT Technology Review reports that several supporters of Bitcoin XT were DDoS’ed. Satoshilabs, which operates Slush Pool, was reportedly hit. It received a message that the attack would only end once it turns off its support for Bitcoin XT. Support for the implementation is expressed by miners, but it is believed that the number has dwindled lower due to such attacks.

ChunkHost, a web hosting company, reportedly had a client who was attacked for switching Bitcoin ATM software to Bitcoin XT. Several others reportedly complained online after experiencing such attacks.

Bitcoin XT supporters have alleged censorship on forums such as reddit, and have proposed various measures to get around it.