It’s become a tragic common practice, where every bitcoin exchange will have to go through a DDoS attack at some point. Bitcoin is still a nascent technology, and bitcoin exchanges are often new and don’t have battle-tested security.
Since exchanges are the custodians of customer funds, they have become targets of hackers and all-around bad people trying to steal and extort them.
BitBargain is a bitcoin exchange based in the United Kingdom, which has been the target of such attacks in the past. Just late last year they were being DDoS’d and extorted, along with a few others. The exchange went down for a period of time, but they didn’t pay the extortion and was able to get the exchange back up.
We Have Your Site Down Lets Talk
As it turns out, several hours ago BitBargain was targeted again by an attacker trying to extort them. The email exchange is below.
BitBargain’s philosophy though if you look at past events is that they don’t play nicely with attackers, especially those that try to extort them. According to BitBargain, they have “never paid [and] never will.” They also publish each attack including the emails and IP addresses involved in the attacks. This practice seems to be working well for BitBargain, using a combination of Cloudflare rules and custom solutions.
However, the best methodology for future exchanges should any one of them want to take any advice, would be a better solution of zero-knowledge systems. Bitsquare is doing this and so are some bitcoin wallets. It’s something that prevented ShapeShift from losing big time in their recent hack too.