Following the continuous distributed denial of service (DDoS) hacker attacks against its website and its MetaTrader 4 (MT4) servers, the Cyprus and Belize-regulated forex broker Exness, issued a statement clarifying the current situation.
Besides that, the broker expressed its suspicions that the assault may have been provoked by “our launch of the industry-first Unlimited Leverage in March and successful offline events” and an upcoming meeting with its partners in China.
According to the Exness statement, the attacks first targeted the broker’s website and flooded it with malicious traffic at approximately 30 Gbps on April 6. After the site was restored and fortified, the hackers launched a full assault on the broker’s trading servers and haven’t stopped since.
Last week Exness notified its partners of the ongoing server problems, which, obviously are still continuing with slow MT4 connection and intermittent trading servers. According to the broker’s statement, it has sought the help of MetaQuotes, the MT4 developer and two other external vendors who have experience with tackling DDoS attacks, to reinforce the infrastructure.
The main goal of a DDoS attack is to make a website or other internet service unavailable to its intended users. It is launched by a botnet, consisting of thousands of infected computers and servers, which simultaneously send millions of access requests to the target, thus “clogging” the normal data flow and disrupting the normal operation of the website or the internet service. DDoS attacks are often targeting sites and services of high-profile institutions such as banks, credit card payment gateways, rendering them useless for hours or even months. A notorious case was the massive DDoS attack against US financial institutions, such as Citigroup, Capital One and HSBC. It was launched by an infected Swedish military server in 2012, lasted for months and back then was considered one of the biggest in internet history.
DDoS attacks are sometimes launched as a prank, activism, in revenge or by the competition, but are always considered a cybercrime.