Postmortem: Analysis of the DDoS Attack that Caused Site Downtime Since February 8th

2 min readFeb 22, 2023

As some of you may have noticed, the website has experienced random episodes of downtime since February 8th. This outage coincided with major exchanges listing our new $GFT token. After investigating the cause of the downtime, we have identified a botnet as the primary source of the malicious attack traffic.

Millions of IP addresses have been used to carry out a Distributed Denial of Service (DDoS) attack against, resulting in the inaccessibility of our hosting server. While a tiny portion of the IP connections were legitimate attempts to connect to our website from Gifto users, the vast majority of connections were part of the attack.

The volume of IP connections that Gifto experienced during the attack was unprecedented. The attacks disrupted the website service intermittently, making it difficult for users to access the site during these periods.

Our security and engineering teams worked tirelessly to mitigate the attacks by implementing several measures. In addition to changing our server, we added CloudFlare protection and other security layers to our hosting server. This allowed us to filter out the malicious traffic, ensuring that legitimate connections were able to access our site without issue.

We would like to emphasise that no other Gifto services or infrastructure have been affected by the DDoS attacks. Our team worked quickly to ensure that the attack did not compromise the security of our users’ data or our platform’s functionality.

We understand that the downtime may have caused inconvenience to our community, and we apologise for any disruption that this may have caused. We are grateful for your feedback and support, and we remain committed to providing a secure and reliable platform for our users.