Crypto Firm Currency.com Mitigates DDoS AttackExchange Says It Was Attacked Hours After Announcing Its Exit From Russia
Hours after Currency.com, a global cryptocurrency exchange, announced that it was halting operations in Russia, it faced a distributed denial-of-service attack. The company says it mitigated the April 12 DDoS attack attempt.
In a statement, the company's founder, Viktor Prokopenya, says that the firm was "able to thwart the attempted DDoS attack," ensuring that all its "servers, systems and client data remained intact and uncompromised."
In the April 12 statement announcing its exit from Russia, Currency.com said it had stopped opening new accounts for clients from the Russian Federation, adding that its customers in other countries and regions would not be affected by this decision.
Currency.com's Ukraine CEO, Vitaly Kedyk, says the exit showed that the company condemned the Russian aggression against his country in the ongoing war. "We condemn the Russian aggression in the strongest possible terms. We stand with Ukraine and everyone who denounces this terrible war. In these circumstances we can no longer continue to serve our clients from Russia," Kedyk says.
Mykhailo Fedorov, the vice prime minister of Ukraine and the minister of digital transformation, also acknowledged the closure of Currency.com's operations in Russia on his Telegram channel.
"The global cryptocurrency exchange Currency.com has announced new sanctions for Russian citizens - the termination of operations and termination of contracts unilaterally," Fedorov says. All funds on the platform belonging to thousands of Russian users "will be transferred to the bank accounts from which the replenishment took place," he adds.
Hours after the company's exit announcement, it was hit by a cyberattack. While it did not identify the type of cyberattack at the time, on Sunday it confirmed that the incident had been a "failed" DDoS attack.
"Currency.com took immediate action, ensuring the integrity of its cybersecurity systems, notifying authorities and activating the company's global network of IT professionals and third-party experts to the situation. The company servers, including its backup servers, were not affected, and are actively working," the company says.
Currency.com did not share further details on how it mitigated the attack. It also did not confirm to Information Security Media Group if its Russia exit was indeed the reason for the DDoS attack.
But in a statement to U.K.-based newspaper The Times, Prokopenya implies that the attack came from a Russia-affiliated threat actor. "You don't have to be a rocket scientist," he tells the newspaper. Currency.com has donated more than $1 million to support the humanitarian crisis in Ukraine since the beginning of the war. This, according to the company, includes a donation of $500,000 to the Ministry of Health in Ukraine and the Red Cross Society of Ukraine; $200,000 to ASAP Rescue, a Ukrainian volunteer organization that helps evacuate citizens during times of natural disaster and social turmoil; and $300,000 to the Ministry of Social Policy and Global Giving to help Ukrainians access food, shelter and medical care.
"We have been attacked before, like all financial firms, but the size of this was incredible," Prokopenya reportedly said.
Steve Gregory, Currency.com's U.S. CEO, says, "As a global company with an international team, we feel it is our duty to help those impacted by this war. We will continue to monitor events closely and stand ready to provide additional support to the people of Ukraine."
'Never Been Hacked'
In its statement, Currency.com says its "robust security" has ensured that it has "never been hacked." The basis for these claims is that the company has a strong two-factor authentication in place for all modules on its platform, "including login, deposits, trading and any actions using API keys," Currency.com says.
"Clients can also enable a separate 2FA channel (known as a Master Key) in the unlikely event they lose access to their account. There is a mandatory requirement to secure client accounts, along with full security event activity logging, and whitelisting of devices and IP addresses," the company says. Currency.com also says that it complies with the highest level of PCI-DSS compliance standard for better payments security.
DDoS Attacks Aimed at Ukraine
The attacks aimed at Ukraine's critical infrastructure and government facilities have increased tenfold to twentyfold since the beginning of the war, says Farid Safarov, deputy minister of energy for digital development, digital transformation and digitization. Of these, 200,000 attacks were aimed at the energy sector alone, he says.
DDoS is a favorite attack vector for criminals targeting critical infrastructure. "Until now [since the beginning of the war], at least 50 attempts of large scale DDoS attacks have been made," Safarov says.
He adds that Ukrainian governmental organizations have faced nearly 20,000 cyberattack incidents since the last week of March, suggesting a growing intensity in the cyberwar.