A Distributed Denial of Service (DDoS) attack occurs when several compromised computer systems simultaneously attack a target machine, resulting in a denial of service for users of the target system.
Because crypto and DeFi protocols depend on such servers, DDoS attacks can severely cripple them if they aren’t decentralized enough.
DDoS attacks can target a website, a server, or any other network resource. The attack floods the target with incoming messages, connection requests, and incomplete packets, causing the system to slow down or crash entirely.
DDoS attacks can be carried out by malicious actors such as organized crime syndicates, criminal hackers, and even rogue governments. If a system is unstable or a website is poorly coded, legitimate requests can also be mistaken for a DDoS attack.
DDoS attacks work by exploiting a vulnerability in a computer system. This system then becomes the DDoS master. The master system then identifies other vulnerable systems on the network and gains control of them, either by infecting them with malware or by bypassing their authentication controls.
A device controlled by the hacker is called a “zombie” or “bot.” The attacker controls the network of bots, also known as a botnet, through a “command and control server.” A botnet can comprise any number of bots; some comprise thousands of nodes, and there is no upper limit to their size.
DDoS attacks are of three main types.
- Network-centric attacks – These types of attacks overwhelm a target by crowding out available bandwidth with packet floods.
- Protocol attacks – These attacks mainly target the transport layer or the network layer protocols, using their vulnerabilities to overwhelm the target.
- Application layer attacks – In this type of attack, databases and application services are overloaded with application calls, leading to a denial of service.