Whoever is doing the DDoS is probably doing it to manipulate price and of course they are going to try to cause trouble right when the market starts to move and is most ripe for manipulation.
If your website is down and API unaccessible how is price moved? Who can place market orders while all the rest can't? Why the attackers are so confident they can trade at Kraken while all the rest can't?
We are investigating to see if we can find a connection between the DDoS and trading on our site and will take appropriate action if we can identify someone, but it may be very hard to do so.
Is there a customer or group of customers that have privileged access to your trading engine? They must also have access to the order book, including hidden orders! They can profit only if they know at what price level majority of 'take profit' and 'margin liquidation' orders are grouped.
Dargo,
Scary stuff.
My observation from the last 3 hours is, that as long the price is moving *not close* to any important trend line, the site is accessible. But, at the very moment when the price moves very close to an important trend line (possible breakout expected), site becomes inaccessible or as I am logged in already it stoppes responing at all. - this happened the last 3 hour every single time for such a case. So the last 3 hours wasn't any breakout or huge price move, and the site became accessible again.
But during my trading yesterday, once larger price moves happened, it was impossible to perform any action until about 5 -10 minutes after heavy price movements had stopped.
It's obvious that this didn't help me to prevent losses or take profits.
The scary part is, that it really happened every single time. So the attackers clearly seem to know what they are doing.
Anyone else observing similar things ?