Authorities are investigating ongoing DDoS attacks against Currency.com
UK authorities are investigating distributed denial of service attacks that targeted cryptocurrency exchange Currency Com Global LLC, better known as Currency.com.
The attacks began in April after Currency.com founder Viktor Prokopenya announced the company was pulling out of Russia to protest the invasion of Ukraine, MSN Reports. Prokopenya condemned the invasion as “Russian aggression” and called the invasion a “terrible war”.
The first attack occurred hours after Prokopenya’s statement and would have been the first Russian cyberattack against a British company after the invasion began. Fast forward to August and DDoS attacks against Currency.com continued, with attackers attempting to take Currency.com offline.
“The cyberattack has been happening almost daily for three months,” Prokopenya said. “It’s as if someone is repeatedly trying to break down your front door.”
The UK’s National Cyber Security Center does not believe the attacks were carried out by the Kremlin, but likely by criminals who support the Russian invasion. About 18% to 32% of the servers used in the DDoS attacks were located in Russia and Belarus.
Who is specifically behind the attacks remains unknown. Toby Lewis, head of threat analysis at cybersecurity firm AI Darktrace Holdings Ltd.told SiliconANGLE that it’s important to be careful when pointing the finger at cyber warfare.
“Government agencies have not yet asserted that this is a Russian state-directed attack and it could be an inaccurate merging of different data points for reporting purposes,” Lewis explained. “It is more likely that the group behind this is state-aligned, which means their results are in line with state interests – but there is no solid evidence that the Russian state ordered this attack .”
Lewis noted that the attacks against Currency.com are similar in nature to the DDoS attacks undertaken by Killnet. The Russian hacking group targeted organizations with a DDoS attack in Lithuania in June and currently claims to have attacked aerospace company Lockheed Martin Corp.
“These attacks aren’t particularly sophisticated and are technically easy to mitigate, but threat groups know they’re loud and will make headlines and stir controversy,” Lewis added.