Home / Archive / Kraken and Poloniex DDoS Leads to Trader Losses
4 min read

Kraken and Poloniex DDoS Leads to Trader Losses

Last Updated March 4, 2021 4:56 PM
Andrew Quentson
Last Updated March 4, 2021 4:56 PM

Kraken went down yesterday for about one hour with traders unable to access the website due to a Distributed Denial of Service (DDoS) attack. Just before the site became inaccessible, there was a large ETH sell order, according to Kraken, which “triggered a cascade of liquidations.”

Kraken says they have investigated the incident and they concluded that there was no “evidence of a coordinated attack or market manipulation.” They say the timing of the DDoS and the large sell order appears to just be a coincidence.

Traders suffered heavy losses because ETG’s price went from around $90 to a bottom of $26, in effect liquidating everyone with a long position. One trader told CCN.com he lost “50k euro in 2 minutes.” He further says “so many people lost a fortune of money, some lost 200k and more.”

Traders were unable to react during a brutal hour near midnight London time between 11:30PM and 12:30 AM as shown in the three minutes time interval chart below with the first drop being for around $40 within three minutes.

Ethereum’s price action at Kraken during a one hour DDoS zoomed in at 3 mins time intervals. – image from cryptowatch

Kraken was heavily criticized for not suspending trading during the one-hour period with some suggesting they should roll-back trades. Kraken publicly stated  that suspending trading would have led to bigger losses:

“The consequences for traders would have been even worse. Crypto assets trade on many exchanges and shutting down an individual market simply means that participants there cannot react to the changes elsewhere.”

Traders were unable to react in any event. Once they were able to react after the website became available, normal trading almost instantly resumed as can be seen in the chart above.

It seems therefore that rather than a coincidence, the DDoS was probably timed with the large sell order to prevent the bulls from filling it up, which would have made it a non-event instead of liquidating everyone. As such, we look forward to an independent report of this incident as well as an assets audit.

On a roll-back, they say they won’t provide one as “traders must be able to rely on legitimate trades being honored. Any losses today are the gains of the trader who took the risk to provide liquidity on the other side.”

Of course, whether the trade was legitimate should be established by independent auditors. The large sell order in question would probably be a million dollars or higher as well as a market order. Considering the expected slippage, anyone who has that sort of money is sufficiently intelligent to know selling it at market order will give them significant losses.

In this case, it gave them significant gains because it “coincided” with the DDoS, but on the surface there appears to be too many coincidences. At least Kraken did pause withdrawals temporarily, now accepting them once more according to a public statement by a Kraken representative.

But the incident does raise questions about this exchange which used to boast it was the safest ever, trusted by the MT Gox trustee according to much of their literature. However, they don’t list a license anywhere, nor is their regulatory status very clear.

Bitcoin was also slightly affected as during the one-hour period its price fell by $150 in minutes, to then recover once the site became accessible and go on to new highs. Probably because bitcoin has become somewhat immune to DDoSes and now shrugs them off following the panic of March 2013 when MT Gox was DDosed, sending bitcoin’s price down from a high of $266 to $50 in minutes.

That Gox was so easily affected by a DDoS led to calls for new competitive exchanges, with Kraken being one of them back then, boasting bullet-proof security if memory serves well. Bitcoiners mostly seemingly ignored the exchange, but ethereans found it as a useful alternative to Poloniex, which was also DDoSed last night. Leading to losses.

This is just the latest sign this space still remains somewhat immature. Although that might depend on whether Kraken scrubs the incident under the carpet, or hires one of the big four to fully investigate just what exactly happened.

Featured image from Shutterstock.