Cyber Incident Victim: Bitfinex

Date: Dec 2017

Location: Hong Kong

Summary

A major cryptocurrency exchange experienced significant operational disruptions from a series of distributed denial-of-service (DDoS) attacks, which forced temporary shutdowns and degraded API functionality. This was the platform's second such incident within a week, following an earlier, prolonged attack on its servers. Concurrent DDoS activity affected another prominent exchange, though any connection between the events remained unconfirmed. Service was restored gradually and with performance limitations. No customer funds were lost in these availability-focused attacks, which distinguishes them from contemporaneous breaches involving direct cryptocurrency theft at other firms.

Motives: 0 motives
Tactics, Techniques & Procedures: 1 technique
Threat Actors: 0 actors

Description

On December 12, 2017, Bitfinex, a Hong Kong-based cryptocurrency exchange, experienced severe operational disruptions due to sustained distributed denial-of-service (DDoS) attacks. The attacks overwhelmed the platform’s infrastructure, forcing a temporary shutdown of services. Bitfinex confirmed the incident via its official Twitter account, stating it was under "heavy DDOS" and that its application programming interface (API) was non-functional. Technical teams initiated immediate mitigation efforts to restore access. This marked the second major DDoS incident targeting Bitfinex within a week, following an earlier attack that began on December 4 and persisted intermittently until December 7. The exchange’s service status page indicated gradual but partial recovery, with some functionalities returning at reduced performance levels while mitigation work continued.

The attacks coincided with a period of heightened cryptocurrency market activity, as Bitcoin’s value reached record highs. While DDoS incidents typically disrupt service availability without compromising user funds—unlike the contemporaneous $70 million Bitcoin theft from Slovenia’s NiceHash platform—the operational impact on Bitfinex was significant. Notably, another exchange, Coinbase, reported similar DDoS disruptions on the same day, though no confirmed link between the two incidents was established. Bitfinex’s public communications emphasized ongoing efforts to stabilize services but did not disclose technical specifics of the attacks or the exact scope of affected systems beyond the API outage. The recurrence of attacks within a short timeframe highlighted persistent vulnerabilities in the exchange’s infrastructure amid escalating threats to cryptocurrency platforms.
