TokenStar Process To mitigate DDoS-related risks, we recommend to anyone who is currently working on an ICO to put their security first

Wallarm, a global pioneer in AI-based cyber security solutions, helped TokenStars deter a series of application-layer DDoS-attacks and prevent a security breach by cybercriminals looking to disrupt and hijack the TokenStars’ Initial Coin Offering.

Blockchain talent development startup TokenStars initially announced that it was planning to hold its ACE token ICO on August 24, 2017. However, a few days before the intended date of the crowdsale, the TokenStars official website came under a series of sophisticated application-layer (L7) DDoS-attacks, conducted by unknown cybercriminals.

After an initial assessment of the situation, TokenStars decided to turn for help to its trusted cyber security partner, Wallarm. As the first step in protecting the TokenStars web infrastructure, the TokenStars security team installed the Wallarm Next Gen WAF solution. Upon installation, the Wallarm solution proceeded to discover and map the perimeter of the TokenStars web infrastructure and identified all the hosts that needed to be protected. During the second phase of implementation, Wallarm Node analyzed all incoming and outgoing HTTP requests. Based on this analysis, Wallarm was able to profile the normal operation of TokenStars’ web infrastructure and identify the attacks in progress. The Wallarm team discovered that the cybercriminals were using an application-layer (L7) DDoS attack that consisted of crawling and fingerprinting techniques, used as a smokescreen for a Cross-Site Scripting (a.k.a. XSS) attack.

Wallarm Threat Verification Engine validated this attack and was able to detect an XSS vulnerability on the main page of the TokenStars website. The TokenStars security team found evidence that the attackers had also discovered this vulnerability and started exploiting it, which would allow them to replace the content of the users’ page when the latter visited the TokenStars website.

Wallarm’s experts believe that the attackers were preparing two attack scenarios through this XSS vulnerability: to access the control panel of the target website through an attack on the site administrator, or to mass mail a link containing an attack vector to users and potential ICO token buyers.

If the first scenario succeeded, the cybercriminals would be able to completely control the website and most likely would change the purse address for the coin buyers. But if that attempt failed, the attackers would take advantage of the second scenario and conduct the attack through mass mailing. Unlike a phishing attack, where the site's domain differs from the original one, in this case they could use the original website address. Such an attack would provide far greater results than simple phishing.

With the help of Wallarm’s service, TokenStars was able to quickly regain control of it web infrastructure and thwart the cybercriminals’ attempts to compromise its systems. The only effect of this incident was that TokenStars decided to move the date of its ICO to the September 10, 2017.

“We were pleased to help TokenStars prevent the severe financial impact of a data breach and protect its business and customers. For fast-paced innovative companies that conduct ICOs, the speed of incident response is critical. We have designed Wallarm solutions to keep this pace by automatically creating security rules and adapting to DevOps practices and new operational models. With Wallarm’s assistance, TokenStars’ capable security team has the situation under control and is prepared to face future security challenges, “ said Ivan Novikov, CEO and founder of Wallarm.

“Innovation always comes with a risk – so along with a rising number of initial coin offerings, we witness a massive surge in cryptocurrency cybercrime. Almost 10% of all Ethereum investments in ICOs this year (or $150M in value) were hijacked by thieves. In their attempts to establish control over ICO websites or to steal from coin buyers, criminals often stage DDoS attacks as a distraction. We at TokenStars were lucky to quickly resolve a similar issue with the help from our partners at Wallarm. To mitigate DDoS-related risks, we recommend to anyone who is currently working on an ICO to put their security first,” said Pavel Stukolov, CEO of TokenStars.

About Wallarm

Founded in 2013, Wallarm provides award-winning application security solutions to hundreds of enterprises and SaaS providers worldwide. Wallarm's hybrid architecture makes it uniquely suited for cloud applications and micro-services. Wallarm’s solutions use machine learning to analyze traffic and create adaptive security rules to protect both applications and APIs. Wallarm is headquartered in Menlo Park, California and is backed by Y-Combinator, Partech Ventures and other prominent investors.

About TokenStars

TokenStars is the first blockchain company to tokenize celebrities, including athletes. It aims to disrupt the 40-billion talent management industry by decentralising it and providing funds and promotion resources to rising stars. Starting with issuing ACE tokens for the tennis vertical, the company plans to expand with new verticals, including football, poker, cybersport, basketball, hockey, as well as cinema actors, musicians, and models.