Yesterday, there were several reports of Hashnest and Bitmain services having abnormal intermittent outages. It so happens that earlier in the morning, an unidentified group of hackers sent the company a threatening email demanding a great deal of money to avoid a series of severe DDOS attacks.
Of course, that several customers started complaining about not being able to access the mining pool and their profile accounts. Soon after this the company informed their customers through email what was happening:
“This morning we received a concerning email from a group of hackers threatening Bitmain and our services with a DDoS attack and demanding a ransom payment to prevent the attack. Bitmain is committed to providing the best service possible to our users, and will not invite future attacks of this sort by giving in to the demands of hackers.”
In this email, the company also reveals that the attackers have proven to have a lot of expertise and the sufficient capability to execute effective attacks. However, the company stated that was not making plans to satisfy the attacker’s demands since it considered that to be a big mistake.
Since then, Hashnest and the Antpool have been practically unavailable throughout the day, raising some concerns within the Hashnest Community, as it also affects the mining performance and pool payouts, which are expected to be at loss. Furthermore, the Company also states that it is presumably expected some intermittent outages in the next few days, while ensuring that the support team is working hard to prevent the effects of these attacks can be as minimal as possible. The email also informs that mining payouts will continue as usual and that all users’ accounts funds are safe.
For those of you mining on AntPool, it is highly advisable to configure your backup pools properly so you can minimize the effects of these attacks on your mining profitability.
Unfortunately, DDOS it is still a very common and effective type of attack used by hackers, especially against sites and web services using outdated security and low protection against these kinds of attacks. And it looks like Hashnest was not using the adequate protection to bear with such attacks.
Image Source: 1, 2