Chinese hackers blackmailing MT4 brokers with DDoS attacks
[vc_row parallax=”” parallax_image=”” row_type=”row” type=”full_width” anchor=”” in_content_menu=”” content_menu_title=”” content_menu_icon=”” text_align=”left” video=”” video_overlay=”” video_overlay_image=”” video_webm=”” video_mp4=”” video_ogv=”” video_image=”” background_image=”” section_height=”” background_color=”” border_color=”” padding=”” padding_top=”” padding_bottom=”” more_button_label=”” less_button_label=”” button_position=”” color=”” css_animation=”” transition_delay=””][vc_column width=”1/1″][vc_column_text]LeapRate has learned that a number of both large and small Retail Forex brokers running MT4 have been the subject of successful DDoS (distributed denial-of-service) attacks originating out of China.
The hackers have apparently exploited a vulnerability in MT4, which is difficult to protect because of decryption. That has enabled the hackers to create high levels of false traffic on the MT4 servers being run by the brokers. The ‘false’ traffic has the effect of causing service disruptions and slowing down the performance of the servers for real clients of these brokers when they log in and attempt to trade. And in some instances, the hosting providers for the MT4 servers shut down access altogether once they detect high levels of questionable traffic or DDoS attacks.
As far as we know, no client accounts have been hacked and no client data compromised at any of the affected brokers. The hackers have just been able to cause havoc and connection issues for real clients of these brokers by virtue of the attacks.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise