Memo.cash site has been under a DDoS login attack since about an hour ago. We've been tightening up firewall rules to mitigate. Sorry for any site slowness that has occurred.
If they've been login attacks, would not be more likely that they were trying to steal BCHs from accounts with weak passwords (brute force attack) than actually DDoS?
Correct, it was more of a brute force attack. However, requests we're coming from many different IPs. So a distributed brute force attack :P
Good question. Memo, do you throttle attempts and/or lockout accounts for bad logins? Of course not sure how they would know usernames as they are not public.
We have some throttling, but this was coming from lots of different IPs and wasn't targeting any specific accounts.
They could just try profile names as usernames. I would bet that in many profiles they are the same.
