Flexcoin: Bots and Robbers

March 18, 2014 Ron Abisi


On March 2, 2014, operators of the small bitcoin exchange Flexcoin were forced to close its doors and shut down immediately. Nearly 900 bitcoins worth upwards of $600,000 were hijacked and stolen making it impossible for the company to recover. Unless you kept your funds in Flexcoin’s cold storage, you were part of the loss with no recourse for reimbursement.

In a public statement, Flexcoin referred users to their Terms of Service: “Flexcoin Inc is not responsible for insuring any bitcoins stored in the Flexcoin system. You are entering into this agreement with Flexcoin Inc. You agree to not hold Flexcoin Inc, or Flexcoin Inc’s stakeholders, or Flexcoin Inc’s shareholders liable for any lost bitcoins.” Additionally, they state, “We have taken every precaution to defend your bitcoins from hackers and/or intruders.”

For anyone storing valuable Internet currency or equally valuable data of any kind, you need to be sure that you do not have the same vulnerabilities. In this case, the hacker(s) used a bot to send thousands of simultaneous requests to move coins from one account to another. This was accomplished at the HTTP layer without hacking the site.  This malicious bot attack simply automated its use of the public facing UI and used that UI exactly as it is designed to execute transactions.  The only solution to prevent this type of attack is one that detects the bot inline and blocks the requests before they reach the web servers.

Distil Networks protects customers from this type of vulnerability. The core competency of the technology detects and mitigates bots in real time. Many like Flexcoin still believe that users are protected behind a pay-wall through SSL encryption. It’s just not the case anymore. Distil utilizes industry leading fingerprinting technology that can identify the difference between human and malicious bot traffic. The majority of bot detection employed through Distil is accomplished on the first or second request. To catch more sophisticated automation software, Distil utilizes a behavioral modeling system that becomes increasingly more intelligent with every new request. Each domain/subdomain protected on Distil’s network has its own-targeted behavioral modeling system that analyzes traffic patterns over time identifying bot anomalies. Zero-day threats, login hacking, data/price scraping, vulnerability scans, content aggregation, DDoS, botnets, form spam and click fraud are various threats Distil Networks will protect your organization and users from.

Distil’s inline technology can be delivered through the public cloud – Content Delivery Network (CDN) or private cloud – physical or virtual appliance. For more information, please contact us and reference this blog for an extended free trial.



About the Author

Ron Abisi

Ron Abisi is the VP of Sales focused on direct sales for enterprises and high-growth Internet properties. He has over 15 years of sales leadership and technology experience. Prior to Distil, he worked for Dyn managing some of the largest and most well-known Fortune 500 and Alexa top 500 accounts.

More Content by Ron Abisi
Previous Article
Web Scraping Made Me A Better Automated Tester
Web Scraping Made Me A Better Automated Tester

Automated tests are not the only use for these tools. On the more nefarious side, they can be used to creat...

Next Article
Learning to Readjust Priorities
Learning to Readjust Priorities

The important thing to remember as a developer, scientist, or engineer at a company is that your skills are...