Forex market under DDoS attack - multiple firms hit in the past few days

Thursday, 16/02/2012 | 15:57 GMT by Michael Greenberg

Someone (or some group) has been actively targeting the Forex market in the past few days. During the last week at least 5 brokers and service providers have suffered DDoS attacks that disrupted their service and took their websites down for at least a few hours.

DDoS: A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or multiple people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. The term is generally used in relation to computer networks, but is not limited to this field; for example, it is also used in reference to CPU resource management.

Somebody realized that attacking forex brokers can be quite profitable, as brokers can't afford to have their service down: they lose potential client sign-ups, client trading activity and so on. Just imagine how many leads/clients are referred to a big broker's site during 12 hours and how many trades weren't executed, and you can easily calculate a loss of $50-100k per day.

Most firms that were attacked asked not to be named in this article; however, some of them confirmed that they were able to track the attacks to Chinese-based IPs and that during the attack they received a demand for 'ransom', or basically a payout for the hackers to stop the attack. The amounts requested were in the region of $50,000. No firm agreed to pay this amount, realizing that if they paid once they'd be targeted again and again, and they were eventually able to fend off the attack by blocking the toxic IPs. The firms are now busy calculating losses, compensating clients and enhancing security measures.

Bursa Malaysia was also hit by a DDoS attack this Tuesday.

One firm indirectly affected by this attack was Boston Technologies, as its servers are hosted on a farm that also hosts several large brokers which were the target of a DDoS attack earlier this week. "While DDoS attacks are using computer networks and don't have a physical manifestation, they are no different than somebody walking into a bank with a gun and asking for money. The difference is that the DDoS attacker always leaves logs and information somewhere and it is only a matter of time until they will be caught and put in jail. There is much more information on the internet to track things than most people think. In that way, it is probably safer to try a bank robbery than DDoS attacks in the long run. The attack that affected us was tracked down to a small number of IPs and the attack itself lasted 3 days. It took us about 1 hour to disable it once we knew what was going on and then it took the attacker 3 more days before he realized it was no longer working," said George Popescu, CEO of Boston Technologies.

One of the largest brokers in this market has been hit by DDoS attacks time and time again in the past 2 years, and they estimated that whoever was targeting them was ready to spend a lot of money on such an attack, as it was disproportionate to the 'typical' attacks they've witnessed. According to their estimate, the smallest attacks are very affordable, while what hit them was a massive attack at a cost of $3-5k a day. They were eventually able to fend off the attack, but not before being down for a few days straight.

Sounds like a wild wild west? Welcome to the forex market.
