| Reported on | October-27-2022 12:00 |
| Mitigation | October-27-2022 15:00 |
| Solution Completed | TBD |
| Severity | SEV-1 |
Users started reporting on Discord that the marketplace was not loading properly. Metrics were displaying that all instances of the NFT Server (The service that provides nft data to the marketplace) were down and unable to go back live. The team started investigating the root cause of the issue and found a large amount of inbound requests to the server by a single actor that saturated the service, crashing it. A DoS attack was taking place.
- The proper configurations were not set to prevent this kind of attacks.
- 2022-10-27 12:00 Users report that the marketplace is not working.
- 2022-10-27 13:00 Team starts investigating the root cause of the issue.
- 2022-10-27 15:00 Team stops the attack by updating WAF rules.
- 2022-10-27 15:00 Marketplace goes back to normal.
All users were unable to access the marketplace.
- Update WAF rules to stop the attack.
- Research and implement better DoS mitigation techniques.