Create account

replied 2321d
If they've been login attacks, would not be more likely that they were trying to steal BCHs from accounts with weak passwords (brute force attack) than actually DDoS?
replied 2321d
Correct, it was more of a brute force attack. However, requests we're coming from many different IPs. So a distributed brute force attack :P
replied 2321d
Good question. Memo, do you throttle attempts and/or lockout accounts for bad logins? Of course not sure how they would know usernames as they are not public.
replied 2321d
We have some throttling, but this was coming from lots of different IPs and wasn't targeting any specific accounts.
replied 2321d
They could just try profile names as usernames. I would bet that in many profiles they are the same.