Septu comment: UK-based crypto exchange EXMO UK got hacked in December when about $10m of BTC and a couple of other currencies were stolen from hot wallets. Now they have experienced a DDoS attack that apparently took them offline for about three hours.
The servers of British cryptocurrency exchange EXMO were taken offline temporarily after being targeted in a distributed denial-of-service (DDoS) attack.
“We are currently experiencing a DDoS attack on our platform,” the exchange said in a notification published earlier today.
“Please note that the EXMO exchange website is now under the DDoS attack. The servers are temporarily unavailable.”
In a separate alert issued through the company’s official Twitter account, EXMO said that it’s working on addressing the issue.
While no update was published since the DDoS attack was announced, the platform’s servers and website are now back online.
EXMO was temporarily registered with the UK Financial Conduct Authority (FCA) as a crypto asset business until July 9th, 2021, following a request submitted back in April 2020.
The British cryptocurrency exchange — self-described as “one of the largest cryptocurrency exchanges in Europe” — disclosed in December 2020 that unknown attackers were able to withdraw roughly 5% of its total assets after compromising EXMO’s hot wallets.
Unlike cold wallets (aka offline or hardware wallets) that have no Internet connection, hot wallets are Internet-connected and are used by exchanges to temporarily store assets for ongoing transfers and transactions.
EXMO suspended all withdrawals following the incident and added that all user losses following this incident will be covered and refunded completely by EXMO.
“Our team is currently developing a new infrastructure for hot wallets. Since each blockchain needs a separate server, the process will take some time,” EXMO added in a subsequent update.
“Once deposits and withdrawals are available, you will have to generate a new wallet address in the ‘Wallet’ section of your account.
“Our investigation is ongoing, and we are taking all necessary and precautionary measures to prevent such incidents from reoccurring.”
From: Bleeping Computer