Nick Chong · 2 hours ago · 2 min read
Steemit Experiences DDoS Attacks
The tokenized blogging front-end built on the Steem blockchain, Steemit, recently experienced sustained distributed denial of service (DDoS) attacks. There was no reported impact on the Steem blockchain or any other apps associated with it.
A DDoS attack uses comprised computers to overwhelm a web service’s servers. By flooding a service’s servers with messages, connection requests, and malformed data, an attacker can overwhelm a website’s servers and force it to shut down, denying service to legitimate users.
Steemit was the first of many decentralized apps built on the Steem blockchain. It was built and is run by many of the same people who launched Steem, Block.one.
An engineering update, posted on the blockchain Mar. 14th by an official Steemit blog account, notes there have already been mitigation efforts implemented by the Steemit team and that the situation “appears resolved.” The report further states that the outages are unrelated to recent changes that were applied to Steemit. The people behind the attack are still unknown.
This isn’t the first time Steemit.com has experienced DDoS attacks. However, unlike past attacks, the blockchain-based social media front end is reportedly more capable of dealing with these kinds of attacks, making the recent outage all the more concerning.
Andrew Levine, Steemit’s head of communications and advocacy, stated the same day of the attack:
“…We’ve (Steemit.com) been trying hard to improve our communications which is why we’ve been putting out engineering updates every week. One challenge for us is that we have a lot of security concerns and many Steemit employees are extremely security conscious, and for good reason. Their obsession with security is what helps keep our users and our app developers safe.”
It’s uncertain why Steemit was attacked. Reasons and culprits could vary from sabotage from a competitor to a lone-hacker merely looking to inflict damage. Whatever the reason, it’s likely DDoS attacks on crypto front-end web services will continue, and businesses providing these services should prepare themselves accordingly.