Cyber Incident Victim: BitGo

Date: Jun 2016

Location: United States of America

Summary

A distributed denial-of-service (DDoS) attack targeted a prominent Bitcoin wallet provider, causing complete server downtime for approximately four to five hours and disrupting its transaction processing capabilities. The incident impacted numerous integrated platforms relying on the company's API for near-instant Bitcoin transactions, including major exchanges and payment services, leading to unresolved transaction issues across partner ecosystems. Service restoration delays prompted the provider to advise customers against initiating transactions until full operations resumed. The attack highlighted broader security vulnerabilities within cryptocurrency infrastructure, where DDoS incidents against payment portals are frequently exploited for financial gain alongside other prevalent threats like theft and data breaches.

Description

On the afternoon of Saturday, June 4, 2016, BitGo—a prominent Bitcoin wallet service marketed as the industry’s most secure platform—experienced a massive distributed denial-of-service (DDoS) attack. The assault persisted for four to five hours, completely overwhelming BitGo’s servers and rendering its services inaccessible. The company acknowledged the incident publicly via Twitter approximately one hour after the attack began, issuing apologies to clients for the disruption. BitGo’s infrastructure was uniquely designed to enable near-instant Bitcoin transactions, a feature that distinguished it from competitors requiring hours for transaction validation. This capability had attracted integrations with major cryptocurrency exchanges and financial services, including Wirex, Bitstamp, Bitfinex, Unocoin, and Kraken, all of which relied on BitGo’s API to process real-time transactions for their users.

The immediate consequence of the DDoS attack was widespread operational paralysis across BitGo’s partner network. Companies integrated with BitGo’s API faced transaction processing failures, leaving them unable to fulfill their promised instant settlement services. Wirex, which had recently adopted BitGo to power its Bitcoin-based debit cards, proactively emailed customers advising them to halt transactions until BitGo restored functionality. The incident underscored the systemic risks posed by centralized dependencies within Bitcoin infrastructure, as a single point of failure disrupted multiple downstream services. While BitGo eventually resumed operations, the attack highlighted the profitability of DDoS campaigns targeting cryptocurrency platforms, with threat actors frequently offering such services for hire on dark web marketplaces. Broader industry vulnerabilities were also evident, as the article referenced prior security breaches at Gatecoin, Shapeshift, and other Bitcoin entities—though these were distinct incidents unrelated to the BitGo DDoS.
