Wallet Guard Reveals Massive DDoS Attacks, Says It’s Ongoing but Mitigated
On Thursday, March 16th, the security extension Wallet Guard revealed it has been defending against a massive DDoS attack combined with a bot attack on its Twitter account since March 13th. At its peak, the attack featured over 600 million attacks per minute over Tor exit nodes. It is still ongoing, but Wallet Guard stated it is fully mitigated.
Wallet Guard Defending Against 3-Day-Long Attack
Through its Twitter account, Wallet Guard revealed it has been defending against a well-organized DDoS attack combined with a bot assault on its social media presence since March 13th. The post-mortem published on its website also explains that the attackers have been reacting to Wallet Guard’s defense efforts by changing strategies and have also struck another security extension, JoinFire.
Wallet Guard’s Twitter account is currently locked as a precaution due to the bot assault and is awaiting a response from the social media platform. The post-mortem postulates that the attack was motivated by the recent appearance of certain wallet drainers that abuse Blur approvals:
“We believe this attack was motivated due to the recent introduction of wallet drainers that leverage active Blur approvals to drain a victim in one transaction. This attack is not just on us but all of end-user security; as soon as we mitigated the attackers, they switched over to attacking another security extension, JoinFire, and began botting our Twitter account with followers to get it suspended to cut off communication to our users.”
A DDoS (distributed denial of service) attack occurs when several systems flood a targeted system’s bandwidth or resources, usually in an effort to make the targeted system unavailable to its intended users. A DDoS attack employs more than one distinct IP address or machine, frequently coming from thousands of hosts that are usually malware-infected.
Crypto Hacks Remain Commonplace in 2023
Despite the tireless efforts of the community, crypto-related hacks remained very commonplace throughout 2022, and are still very much present in the current year. Late last December, it was reported that the previous year was record-breaking as it saw the theft of $3.7 billion in various digital-asset-related attacks.
Already in early January, hackers managed to drain $3.4 million worth of GMX tokens from a DeFi user in a phishing attack. The year also saw numerous notable hijacks of prominent Twitter accounts in an attempt to lure users into falling victim to various cryptocurrency scams. In just a few days in late January, the social media accounts of the online broker Robinhood and the NFT project Azuki were infiltrated to promote different fraudulent projects. Not long after, the official account of a government official from India was similarly misused.
The year also saw the community, and digital asset companies, fight back against hackers and scammers. Late in February, the decentralized platform Oasis revealed it had managed to exploit the exploiter behind last year’s Wormhole attack and steal back the assets. Following the collapse of FTX last November, several “citizen detectives” also rose to prominence, with the most notable being ZachXBT on Twitter and Coffeezilla on YouTube, who also recently managed to trick a serial scammer into outing himself in a joint scheme.