Never Let Your Guard Down. Guarda Stops a DDoS Attack
Recently, Guarda Wallet was threatened by Armada Collective, an extortion group, or one of their copycats. In this article, we will tell you how they demanded 0.5 BTC from us and how we coped with this cyberattack.
A Threatening Email
On the 11th of June, we got an email from the infamous group of hackers called the Armada Collective. In this email, they demanded 0.5 BTC from us to prevent their hacking “attack”.
Who is Armada Collective?
In March 2016, a band of hackers calling themselves the Armada Collective started to send emails to various businesses, threatening them with DDoS assaults unless they paid in Bitcoin.
It was a highly active extortion group that inspired other copycat groups, some of which were noticed in late 2015 and 2016.
We didn’t reply to this email but started preparing for the attack. However, we were convinced that everything would be fine since we are confident in our team and security system.
Here you can find some similar threatening emails.
So, how were we attacked?
The bots created 300K+ wallets to overload our main page. They sent ~240M requests totaling 5TB. You can see it in the Cloudflare screenshot below:
Here you can see the countries the attack came from:
However, 81% of the data was served from the cache without overloading the site.
Why did this attack fail? There are two main factors:
- Our distributed system that can’t be easily hacked
- Cloudflare, which helped us to stand against this attack
Guarda Wallet is a non-custodial wallet. This means we do not store private information about our users or their wallet backups. Users connect to blockchains directly from their smartphones or desktops. Most of the DDoS load was served by the attacker’s equipment.
Unfortunately, we can’t identify and track the attacker since Guarda doesn’t receive information about users or their wallets.
Guarda protects your assets, so no scammers