Exclusive: Numerous Brokers Experience Serious Delays Due to MT4 Server Vulnerability
- An attack on PrimeXM’s MT4 Server by an individual client caused more than 20 of the firm's brokerages a substantial disruption of their services last Wednesday, which happened to be one of the most volatile days of the year.


According to information obtained exclusively by Forex Forex Foreign exchange or forex is the act of converting one nation’s currency into another nation’s currency (that possesses a different currency); for example, the converting of British Pounds into US Dollars, and vice versa. The exchange of currencies can be done over a physical counter, such as at a Bureau de Change, or over the internet via broker platforms, where currency speculation takes place, known as forex trading.The foreign exchange market, by its very nature, is the world’s largest tradi Foreign exchange or forex is the act of converting one nation’s currency into another nation’s currency (that possesses a different currency); for example, the converting of British Pounds into US Dollars, and vice versa. The exchange of currencies can be done over a physical counter, such as at a Bureau de Change, or over the internet via broker platforms, where currency speculation takes place, known as forex trading.The foreign exchange market, by its very nature, is the world’s largest tradi Read this Term Magnates, an attack by a single user of one of the brokers connected to PrimeXM last Wednesday (15th of October) resulted in the company’s MT4 server suffering severely, with customers of more than 20 brokerages connected to the server experiencing delays between 10 and 15 seconds.
The event could be revealing a potentially disruptive structural weakness in the MT4 Trading Platform Trading Platform In the FX space, a currency trading platform is a software provided by brokers to their respective client base, garnering access as traders in the broader market. Most commonly, this reflects an online interface or mobile app, complete with tools for order processing.Every broker needs one or more trading platforms to accommodate the needs of different clients. Being the backbone of the company’s offering, a trading platform provides clients with quotes, a selection of instruments to trade, real In the FX space, a currency trading platform is a software provided by brokers to their respective client base, garnering access as traders in the broader market. Most commonly, this reflects an online interface or mobile app, complete with tools for order processing.Every broker needs one or more trading platforms to accommodate the needs of different clients. Being the backbone of the company’s offering, a trading platform provides clients with quotes, a selection of instruments to trade, real Read this Term which resulted in several brokerages delivering very poor service to their customers last Wednesday. Coincidentally (or not) the disruption happened during the four most actively traded hours on the foreign exchange market in October and possibly throughout the year so far.
With one single client exploiting this vulnerability singlehandedly, all of PrimeXM’s customers were affected materially with some reporting longer delays, frozen quotes and all of this when the EUR/USD staged its biggest single day rally in more than a year. Once the issue was identified, PrimeXM disabled the account from where the attack was coming from and proper client service was restored to the brokerages and their clients.
Forex Magnates reached out to PrimeXM and MetaQuotes to get more information officially. As of the time of publication MetaQuotes has yet to reply.
Update:
Official information provided by PrimeXM reveals that the attack caused execution delays for clients between 5 to 30 seconds; frozen quotes inside the MT4 terminal and MT4 manager from 5 to 30 seconds; inability of the MT4 service to synchronize data via the Watchdog service; memory fluctuations of the MT4 service in the range of 300MB / second.
According to PrimeXM, steps taken to identify the issue ranged from removing all third party plugins, an in depth investigation of the network infrastructure, failing over the MT4 service to different hardware as well as different physical locations. The latter could not be done following standard procedure due to the attack's disruptive impact on the ability of the MT4 server to synchronize data via the Watchdog service.
The above steps failed to restore normal service until further investigations revealed frequent reconnect attempts of this specific MT4 terminal. Once this account was disabled all symptoms disappeared and proper service was restored.
PrimeXM has shared with MetaQuotes and Forex Magnates specific details on how the attack was carried out, however, as it currently seems that such an attack could be initiated by any client terminal to any MT4 broker, Forex Magnates has been asked not to publish this information.

According to information obtained exclusively by Forex Forex Foreign exchange or forex is the act of converting one nation’s currency into another nation’s currency (that possesses a different currency); for example, the converting of British Pounds into US Dollars, and vice versa. The exchange of currencies can be done over a physical counter, such as at a Bureau de Change, or over the internet via broker platforms, where currency speculation takes place, known as forex trading.The foreign exchange market, by its very nature, is the world’s largest tradi Foreign exchange or forex is the act of converting one nation’s currency into another nation’s currency (that possesses a different currency); for example, the converting of British Pounds into US Dollars, and vice versa. The exchange of currencies can be done over a physical counter, such as at a Bureau de Change, or over the internet via broker platforms, where currency speculation takes place, known as forex trading.The foreign exchange market, by its very nature, is the world’s largest tradi Read this Term Magnates, an attack by a single user of one of the brokers connected to PrimeXM last Wednesday (15th of October) resulted in the company’s MT4 server suffering severely, with customers of more than 20 brokerages connected to the server experiencing delays between 10 and 15 seconds.
The event could be revealing a potentially disruptive structural weakness in the MT4 Trading Platform Trading Platform In the FX space, a currency trading platform is a software provided by brokers to their respective client base, garnering access as traders in the broader market. Most commonly, this reflects an online interface or mobile app, complete with tools for order processing.Every broker needs one or more trading platforms to accommodate the needs of different clients. Being the backbone of the company’s offering, a trading platform provides clients with quotes, a selection of instruments to trade, real In the FX space, a currency trading platform is a software provided by brokers to their respective client base, garnering access as traders in the broader market. Most commonly, this reflects an online interface or mobile app, complete with tools for order processing.Every broker needs one or more trading platforms to accommodate the needs of different clients. Being the backbone of the company’s offering, a trading platform provides clients with quotes, a selection of instruments to trade, real Read this Term which resulted in several brokerages delivering very poor service to their customers last Wednesday. Coincidentally (or not) the disruption happened during the four most actively traded hours on the foreign exchange market in October and possibly throughout the year so far.
With one single client exploiting this vulnerability singlehandedly, all of PrimeXM’s customers were affected materially with some reporting longer delays, frozen quotes and all of this when the EUR/USD staged its biggest single day rally in more than a year. Once the issue was identified, PrimeXM disabled the account from where the attack was coming from and proper client service was restored to the brokerages and their clients.
Forex Magnates reached out to PrimeXM and MetaQuotes to get more information officially. As of the time of publication MetaQuotes has yet to reply.
Update:
Official information provided by PrimeXM reveals that the attack caused execution delays for clients between 5 to 30 seconds; frozen quotes inside the MT4 terminal and MT4 manager from 5 to 30 seconds; inability of the MT4 service to synchronize data via the Watchdog service; memory fluctuations of the MT4 service in the range of 300MB / second.
According to PrimeXM, steps taken to identify the issue ranged from removing all third party plugins, an in depth investigation of the network infrastructure, failing over the MT4 service to different hardware as well as different physical locations. The latter could not be done following standard procedure due to the attack's disruptive impact on the ability of the MT4 server to synchronize data via the Watchdog service.
The above steps failed to restore normal service until further investigations revealed frequent reconnect attempts of this specific MT4 terminal. Once this account was disabled all symptoms disappeared and proper service was restored.
PrimeXM has shared with MetaQuotes and Forex Magnates specific details on how the attack was carried out, however, as it currently seems that such an attack could be initiated by any client terminal to any MT4 broker, Forex Magnates has been asked not to publish this information.