Continuing our exclusive coverage of the events unfolding at forex solutions provider oneZero, LeapRate has learned that the outages hitting oneZero and thereby some of its hosted clients over the past week are the result of distributed denial-of-service (DDoS) attacks being made against the company.
After engaging multiple security contractors, the company has isolated the attacks and has determined that they originate out of China.
A distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users. It is the result of multiple compromised systems (for example a botnet) flooding the targeted system – usually one or more web servers – with traffic. The most serious attacks are distributed, meaning that the attack traffic comes from more than one (and often thousands of) unique IP addresses. Many cases involve forging of IP sender addresses (IP address spoofing), so that the location of the attacking machines cannot easily be identified and filtering cannot be done based on the source address.
For these and other reasons, DDoS attacks are typically very effective and difficult to mitigate.
oneZero management indicated to LeapRate that the attack against them has been made with a very high level of sophistication, but that the company is working very closely with security contractors and with its clients and expects the situation to be resolved.
The attack against oneZero appears to be solely targeting connectivity and has not at all affected the company’s own systems, so no company or client data has been compromised. So far, there has been no attempt to exploit the attack – DDoS hackers often try to blackmail their targets, demanding some sort of ransom to be paid in order to stop the attacks.