Cardano Network Thwarts DDoS Attack with No Disruption

The Cardano blockchain suffered a DDoS attack that targeted tokens that were staked on the network, but the attack was stopped successfully.

On Jun. 25, the Cardano blockchain successfully dealt with a DDoS attack that targeted staked tokens. The attack was stopped after Philip Disarro shared some advice to Cardano through an X post. Meanwhile, Metallica's X account was hacked to promote a fake Solana token, and the ex-CEO of Hydrogen Technology Corporation was sentenced to four years for securities fraud. Additionally, a violent crypto heist ring leader was convicted for multiple home invasions targeting crypto holdings.

Cardano Defends Against DDoS Attack

The Cardano blockchain suffered a distributed denial of service (DDoS) attack late on Tuesday that targeted tokens that were staked on the network. However, the attack was stopped successfully, and the network continued with business as usual without any disruption. 

Fluid Token's chief technology officer shared on X that the attack started at block 10,487,530, with each transaction executing 194 smart contracts. The attacker spent 0.9 ADA per transaction and filled each block with multiple transactions to stress the network.

Philip Disarro, founder of Cardano development firm Anastasia, pointed out that the attack could be stopped by deregistering the stake credential used by the attacker. The attack was successfully stopped not long after Disarro’s suggestion. 

Disarro pointed out that the attacker gave up what they were doing to try to protect their funds, but it was too late as the process to reclaim the attacker’s funds was already underway. 

The price of Cardano (ADA) experienced a slight 0.49% drop over the past 24 hours of trading. As a result, the altcoin was worth about $0.3896 at press time.

What is a DDoS Attack?

A distributed denial-of-service (DDoS) attack is a malicious effort to disrupt the normal traffic of a targeted server, service, or network by overwhelming it with a flood of internet traffic. The attack spreads from one computer to others in the same network, leading to potentially catastrophic failures. 

DDoS attacks exploit the capacity limits of network resources to completely prevent the normal functioning of web resources like websites or apps. Attackers sometimes even demand payment to stop the attack or attempt to damage a competitor's business. Globally, over 2,000 DDoS attacks happen every day.

While DDoS attacks are common in traditional cybersecurity, they also pose some serious risks to the digital nature of blockchain and crypto networks. Blockchains, although decentralized and spread worldwide to eliminate single points of failure, are not immune to DDoS attacks. These attacks can flood the blockchain protocol layer with spam transactions, filling up blocks and preventing legitimate transactions from being processed. This leads to legitimate transactions being stuck in the mempool, effectively causing a system failure.

A new type of denial-of-service attack, known as a blockchain denial-of-service (BDoS) attack, has emerged with the rise of blockchain technology applications. These attacks target blockchains operating under the proof-of-work (PoW) consensus mechanism, like Bitcoin

The primary ways to defend against them are to ensure that nodes have adequate storage, processing power, and network bandwidth as well as building failsafes into the code. Generally, the more decentralized a blockchain network is, the more secure it is against a DDOS attack.

Metallica's X Account Hijacked for Solana Token Scam

The official X account for the heavy metal band Metallica was also recently hacked. The exploiters ended up using the hacked account to promote a Solana token with the ticker METAL. Metallica's team has since regained control of the account and deleted all of the posts mentioning the token. 

The hacked account first posted about the token on Jun. 26, and falsely claimed it was created in partnership with Ticketmaster and launched on the Solana-based token deployer pump.fun. However, Ticketmaster has not announced any partnership with METAL at all.

Posts from the hacked account also falsely claimed that the fintech firm MoonPay was involved in the project. MoonPay president Keith Grossman vehemently denied any association with METAL in a post on X, very clearly stating that, "MoonPay does NOT support METAL." MoonPay later also posted, "If someone is offering you a METAL token, they are not the master of puppets — they’re the master of scams!" 

In an effort to attract buyers, fake Metallica posts claimed that users could redeem METAL tokens for exclusive items like free concert tickets, custom gaming consoles, and merchandise. One post even promised staking rewards. 

The total value of the METAL token briefly peaked at $3.37 million within just 20 minutes after it was launched, according to Dexscreener data. 

Ex Hydrogen CEO Sentenced

Meanwhile, a Florida judge sentenced Michael Kane, the former CEO of Hydrogen Technology Corporation, to about four years in prison after his guilty plea to securities fraud related to a cryptocurrency price manipulation scheme. According to the United States Justice Department, Kane received a 45-month sentence on Jun. 24, while Shane Hampton, the company's former Head of Financial Engineering, was sentenced to 35 months for similar offenses.

Principal Deputy Assistant Attorney General Nicole Argentieri stated that this case is the first time a federal jury determined that a cryptocurrency is a security and that manipulating its price constitutes securities fraud. 

The U.S. Securities and Exchange Commission (SEC) filed a lawsuit against Kane and Hydrogen Technology in September of 2022, alleging that Kane used the firm's market maker to manipulate the volume and price of its Hydro (HYDRO) token. In April 2023, a New York judge ordered Kane and the firm to pay $2.8 million in remedies and civil penalties. Around the same time, criminal indictments against Kane and Hampton were announced in the Southern District of Florida.

Kane pleaded guilty to one count of conspiracy to commit securities price manipulation, one count of conspiracy to commit wire fraud, and two counts of wire fraud. He has been awaiting sentencing since November of 2023. 

Hampton was convicted of similar charges by a jury in February. Two other former Hydrogen Technology executives, Andrew Chorlian and Tyler Ostern, also pleaded guilty to their involvement in the scheme in May 2023.

Jury Convicts Leader of Violent Crypto Heist Ring

A federal jury in Greensboro, North Carolina, convicted Remy St. Felix, from West Palm Beach, Florida, for leading multiple violent home invasions aimed at stealing victims' cryptocurrencies. St. Felix faced nine counts, including conspiracy, kidnapping, Hobbs Act robbery, wire fraud, and brandishing a firearm to facilitate his crypto-targeted crimes. 

The conviction on Jun. 25 came after a trial that revealed his leadership in an international conspiracy targeting U.S. citizens for their crypto assets. Sandra Hairstone, U.S. Attorney for the Middle District of North Carolina, placed a lot of emphasis on the severity of the crimes, stating, "The victims in this case suffered a horrible, painful experience that no citizen should have to endure. The defendant and his co-conspirators acted purely out of greed and callously terrorized those they targeted."

The FBI investigation uncovered that St. Felix and his conspirators carried out home invasions across multiple states, including North Carolina, Florida, Texas, and New York, between December 2022 and July 2023. The crime gang used physical violence, kidnapping, and threats to intimidate their victims, and forced them to access and transfer their crypto holdings. 

The FBI Charlotte Field Office led the investigation with some help from other field offices and local police departments. Despite the criminals' use of sophisticated money-laundering techniques and encrypted communication to cover their tracks, investigators were still able to connect their activities, arrest them, and hold them accountable.