{"id":18951,"date":"2022-08-29T11:40:43","date_gmt":"2022-08-29T11:40:43","guid":{"rendered":"https:\/\/zebpay.com\/au\/?p=18951"},"modified":"2022-08-29T11:40:44","modified_gmt":"2022-08-29T11:40:44","slug":"what-is-crypto-ddos-attack-and-how-to-prevent-it","status":"publish","type":"post","link":"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it","title":{"rendered":"Crypto DDoS Attacks: What, Why and How?"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_66_1 counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title \" >Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#What_Is_a_DDoS_Attack\" title=\"What Is a DDoS Attack?\">What Is a DDoS Attack?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#How_Does_a_DDos_Attack_Work\" title=\"How Does a DDos Attack Work?\">How Does a DDos Attack Work?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#Types_of_DDoS_Attacks\" title=\"Types of DDoS Attacks\">Types of DDoS Attacks<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#Volumetric_Attacks\" title=\"Volumetric Attacks\">Volumetric Attacks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#Application_Attacks\" title=\"Application Attacks\">Application Attacks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#Fragmentation_Attacks\" title=\"Fragmentation Attacks\">Fragmentation Attacks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#Protocol_Attacks\" title=\"Protocol Attacks\">Protocol Attacks<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#Crypto_DDoS_Attacks\" title=\"Crypto DDoS Attacks\">Crypto DDoS Attacks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#Solana_Outage\" title=\"Solana Outage\">Solana Outage<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#How_To_Prevent_a_DDoS_Attack\" title=\"How To Prevent a DDoS Attack\">How To Prevent a DDoS Attack<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/zebpay.com\/au\/blog\/what-is-crypto-ddos-attack-and-how-to-prevent-it\/#Final_Thoughts\" title=\"Final Thoughts\">Final Thoughts<\/a><\/li><\/ul><\/nav><\/div>\n\n<p>Have you ever experienced the websites you regularly use suddenly becoming very slow? Chances are, that was the result of a DDoS attack. A Distributed Denial of Service attack seeks to exploit shortcomings in the systems of a website. This causes the website to become slow and sluggish, or, in some cases, not load. Attackers use this as a tool to hold businesses hostage and prevent the website from functioning. So how do DDoS attacks work and what threat does it have to crypto?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_Is_a_DDoS_Attack\"><\/span>What Is a DDoS Attack?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Attempts to overload a website\u2019s systems with a flood of internet traffic are classified as DDoS attacks. This aims to bring the website down or reduce its capacity to function.<\/p>\n\n\n\n<p>Attackers accomplish this by exploiting the bottlenecks in a website\u2019s design. They typically use thousands of bots to connect, use bandwidth or make connections on the website. These bots reduce the resources available to genuine users who cannot connect to the website.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_Does_a_DDos_Attack_Work\"><\/span>How Does a DDos Attack Work?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>DDoS attacks occur mainly for two reasons. The first is holding a website hostage. Attackers may demand the website to pay to stop the attack. In some cases, the business may be forced to pay the attackers if they cannot fix the vulnerability in the website fast enough.&nbsp;<\/p>\n\n\n\n<p>Second, it may be an attempt to discredit the company. Malicious competitors or those with ill-will towards a company may attack the website to reduce their credibility. This would show that the company is not adequately equipped to counter a DDoS attack.&nbsp;<\/p>\n\n\n\n<p>These attacks are the most popular and easy tools to bring down websites. Nearly twenty to thirty thousand DDoS attacks occur every day. This is why businesses need to take precautions against them.<\/p>\n\n\n\n<p>Read about: <a href=\"https:\/\/zebpay.com\/au\/blog\/what-are-crypto-dust-and-dusting-attacks\" target=\"_blank\" rel=\"noreferrer noopener\">What are Crypto Dust and Dusting Attacks?<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Types_of_DDoS_Attacks\"><\/span>Types of DDoS Attacks<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>There are different ways attackers target your website based on the specific bottleneck. The most common ones are mentioned below.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Volumetric_Attacks\"><\/span><strong>Volumetric Attacks<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>These attacks focus on causing congestion on your website. They use up the bandwidth between your website and the rest of the internet, making it difficult to connect.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Application_Attacks\"><\/span><strong>Application Attacks<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>These attacks target the application deployed on the website, rather than its surrounding infrastructure. This can be highly effective as the attacker does not need powerful systems. Many smaller systems with low computing power are still capable of causing an application layer attack.<\/p>\n\n\n\n<p>This attack is like pressing the refresh or home button on a website but from thousands of different devices millions of times. This would flood the server with requests and slow down all other users.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Fragmentation_Attacks\"><\/span><strong>Fragmentation Attacks<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Fragmentation refers to the packets of data sent to websites. A flood of fragmented data is sent to the website, which must be reassembled by the system to compute it. When the data being sent in packets is too high, it hampers the ability of the website to assemble it fast enough, therefore reducing performance.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Protocol_Attacks\"><\/span><strong>Protocol Attacks<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Protocol attacks affect the ability of the network to complete functions. For example, the attackers may send incomplete packets or other data. This causes the server to wait to receive the entire packet or connection request, which never arrives.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Crypto_DDoS_Attacks\"><\/span>Crypto DDoS Attacks<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>All the bottlenecks mentioned above usually exist on centralised services. Then shouldn\u2019t blockchains, a decentralised service, be resistant to DDoS attacks? Yes and no.<\/p>\n\n\n\n<p>In a <a href=\"https:\/\/zebpay.com\/au\/blog\/advantages-and-disadvantages-of-different-types-of-blockchain\" target=\"_blank\" rel=\"noreferrer noopener\">blockchain<\/a>, there is no single point of failure. Even if a node in the network is down, the blockchain can continue functioning. Therefore, successful DDoS attacks can bring down the entire network, rather than a single system.<\/p>\n\n\n\n<p>The main threat to blockchains is transaction flooding. These attacks target the application by creating thousands of spam transactions. Blockchains operate based on blocks. Each block can only hold a limited number of transactions. When thousands of spam transactions are initiated, legitimate transactions are not included in the current block and are kept in memory.&nbsp;<\/p>\n\n\n\n<p>Transaction flooding causes all genuine transactions to wait in memory. When they are not included in blocks, the blocks cannot be verified and the transaction does not go through. The blockchain cannot complete transactions at the rate they are coming in and users may have to wait several hours before their blocks are verified.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Solana_Outage\"><\/span>Solana Outage<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>One of the most popular examples of DDoS attacks on crypto is the Solana network attack. On September 14, 2021, a new project was launched on the Solana blockchain.&nbsp;<\/p>\n\n\n\n<p>Immediately, this project started creating a massive number of transactions that flooded the network with spam. At its peak, it was creating almost 400,000 transactions per second.&nbsp;<\/p>\n\n\n\n<p>Since transactions had to be pushed back into memory, the memory also began to fill up. Once the network ran out of memory, it crashed, causing an outage that lasted several hours.&nbsp;<\/p>\n\n\n\n<p>Finally, the problem was fixed by performing a hard fork and rolling back the network to a point that 80% of validators could agree on. Once this was programmed, it took a few hours for the nodes to apply it before the network could be brought back up.<\/p>\n\n\n\n<p>Read about: <a href=\"https:\/\/zebpay.com\/au\/blog\/solana-ecosystem-under-attack\" target=\"_blank\" rel=\"noreferrer noopener\">Solana Under Attack.<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_To_Prevent_a_DDoS_Attack\"><\/span>How To Prevent a DDoS Attack<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Since the primary means of attacking a blockchain is by flooding it with transactions, nodes must ensure they have enough storage, bandwidth and processing power for the network. Another important factor is building a failsafe into the code to prevent the network from instantly crashing.<\/p>\n\n\n\n<p>Second, it is important to filter transactions when the network congestion is very high. Block verification makes it possible to choose which transactions to include in a block. Discarding potential spam transactions maintains the integrity of the blockchain. It also ensures the network stays up and running.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Final_Thoughts\"><\/span>Final Thoughts<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>DDoS attacks are the most common method used by malicious actors to bring down networks and businesses. Since they occur thousands of times every day, it is important to build preventive measures into your websites and blockchain networks. Blockchain is naturally resistant to a variety of DDoS methods, but transaction flooding remains a problem. Building better failsafes and paying close attention to verification can greatly reduce the risks blockchains face from this menace.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Have you ever experienced the websites you regularly use suddenly becoming very slow? Chances are, that was the result of a DDoS attack. A Distributed Denial of Service attack seeks to exploit shortcomings in the systems of a website. This causes the website to become slow and sluggish, or, in some cases, not load. Attackers [&hellip;]<\/p>\n","protected":false},"author":23,"featured_media":18953,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[14],"tags":[79,282],"class_list":["post-18951","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto","tag-blockchain","tag-solana"],"acf":[],"_links":{"self":[{"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/posts\/18951","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/comments?post=18951"}],"version-history":[{"count":1,"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/posts\/18951\/revisions"}],"predecessor-version":[{"id":18952,"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/posts\/18951\/revisions\/18952"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/media\/18953"}],"wp:attachment":[{"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/media?parent=18951"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/categories?post=18951"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zebpay.com\/au\/wp-json\/wp\/v2\/tags?post=18951"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}