Tether’s CTO, Paolo Ardoino, has confirmed that Tether’s website, tether.io, is currently under DDOS attack. The number of requests to the site increased from 2,000 to 8,000,000 every five minutes early in the morning of Saturday June 18. The graph below illustrates the increase in requests.
1/
This morning @Tether_to received a ransom request to avoid mass DDOSes.
They tried already once.
On a normal day we have around 2k reqs/5min
The attack brought us to 8M reqs/5min. pic.twitter.com/rWEan5VNFX—Paolo Ardoino (@paoloardoino) June 18, 2022
Paolo Ardoino confirmed that ” the attack is now mitigated “, but that they “ leave ‘I’m under attack’ mode enabled to mitigate any additional risk. According to the technical director of Tether, this additional security measure “will not affect the ability to redeem“, according to the technical director of Tether.
In attack mode
“I’m under attack modeis a feature of Cloudflare’s DNS management service that protects websites against DDOS attacks by requiring users to take an extra step to access the website. For human users viewing the website through a standard web browser, this results in a few seconds delay while the browser performs a check.
If the browser cannot pass the verification, the user may be required to complete a captcha to access the website. However, DDOS attacks are often carried out using remote servers that make requests to the website from outside a browser.
These methods fail verification and are therefore rejected before they even reach the server. In this case, Cloudflare handles all the excess demand, leaving the website free to perform its usual tasks. Paolo Ardoino also confirmed that the reason for the problem was that “autoscale takes a while to adjust“. It thus refers to the ability of the server behind the website to increase resources to cope with the unexpected increase in demand.
Earlier in the day on Saturday, Paolo Ardoino tweeted : “It’s gonna be a long weekend“, but it is unlikely that he expected it to be due to an attack on the Tether website.