Dogehouse.org was hit with a much bigger-than-usual DDoS (distributed denial-of-service) attack on Wednesday, creating 12 hours of downtime, the popular dogecoin pool mining site said Thursday.
In an update posted on its site, Dogehouse said the constantly growing attack was so intense that it could not “mitigate it easily.”
“We usually get 2-3 DDoS attacks per day, but not that big. They usually reach up to 50 or 75gbits tops,” Dogehouse said. “The attack was constantly growing so our upstreams had no other choice but to null routeb (blackhole) us as soon as it reached more than 150gbits.”
The full process took more than 6 hours, but “the total downtime of the stratums and the pool was over 12 hours,” the site said.
In a DDoS, the incoming traffic flooding the target originates from many different sources – possibly hundreds of thousands or more. This essentially makes it impossible to stop the attack simply by blocking IP addresses.
Throughout the downtime Wednesday, dogecoiners on Reddit speculated Dogehouse could have been it with the rumored “51% attack” pool hash share, a status which in theory can seriously disrupt on an entire bitcoin or other cryptocurrency network.
Most dogecoin miners, however, guessed it was a DDoS attack.
Here is Dogehouse’s full update:
We were hit with an NTP DDoS Amplification attack!
What is an NTP DDoS attack? We usually get 2-3 DDoS attacks per day, but not that big. They usually reach up to 50 or 75gbits tops.
As soon as the DDoS Hit we tried to mitigate the attack. Our failover balancer automatically switched to new ips for the stratum and web , however the attack followed the DNS change immediately.
The attack was constantly growing so our upstreams had no other choice but to null routeb (blackhole) us as soon as it reached more than 150gbits
The peak of the attack was close to 200gbits, with millions of packages per second. There was nothing we could do in order to mitigate it easily.
We decided that we should move instantly to Netherlands ( our current living place ) in order to have more control and better mitigation of huge attacks like these.
We immediately ordered 20 servers and 4 switches (2 10g switches + 2 infiniband for our db cluster) which had to be assembled , rack mounted , benchmarked (cpu + memory + hdd test), configured and launched into production into Netherlands.
We apologize for the issue and we will do our best for this to never happen again.