Written By Rina on

Last updated on

FacebookTwitterRedditTelegram

Never Let Your Guard Down. Guarda Stops a DDoS Attack

Never Let Your Guard Down. Guarda Stops a DDoS Attack

Recently, Guarda Wallet was threatened by Armada Collective, an extortion group, or one of their copycats. In this article, we will tell you how they demanded 0.5 BTC from us and how we coped with this cyberattack.

A Threatening Email

On the 11th of June, we got an email from the infamous group of hackers called the Armada Collective. In this email, they demanded 0.5 BTC from us to prevent their hacking “attack”.

Who is Armada Collective?
In March 2016, a band of hackers calling themselves the Armada Collective started to send emails to various businesses, threatening them with DDoS assaults unless they paid in Bitcoin.

It was a highly active extortion group that inspired other copycat groups, some of which were noticed in late 2015 and 2016.

An email from the hackers

32za4dfgEA46mw8aWtNNj49BwGKgXqRaPf

We didn’t reply to this email but started preparing for the attack. However, we were convinced that everything would be fine since we are confident in our team and security system.
Here you can find some similar emails with threatening emails.

DDoS Attack

The term “Distributed Denial-of-Service (DDoS) Attack” refers to cybercrime in which an attacker floods a server with internet traffic to prevent users from accessing linked online services and sites.

So, how were we attacked?

The robots created 300K+ wallets to overload our main page. They sent ~240M requests on 5TB. You can see it in the screen from Cloudflare below:

Clouflare screen of the attack

Here you may see the countries, where the attack came from:

DDoS Attack Countries

However, 81% of the data left the cache without site overload.

Conclusion

Why did this attack fail? There are two main factors:

  1. Our distributed system that can’t be easily hacked
  2. Cloudflare, which helped us to stand against this attack

Guarda Wallet is a non-custodial wallet. It means we do not store private information about our users or their wallet backups. Users are connecting to blockchains directly from their smartphones or desktops. Most of the DDoS load has been served by the attacker’s equipment.

Unfortunately, we can’t identify and track the attacker since Guarda doesn’t receive information about users or their wallets.

Guarda protects your assets, so no scammers or DDoS attacks can jeopardize your crypto or private information!

Guarda Team