Prohashing Mining Pool Forums

The website is expected to be slow for several hours. For an unknown reason, there are a lot of invalid password requests being sent to the website, even though the site easily detects these requests and bans the IP addresses, preventing any actual accounts from being compromised. The IP addresses send hundreds of password requests, even though they are banned after the first three.

iptables slows down after 15,000 banned addresses, which has never been encountered by us before, so we need time to determine how to install ipset (https://github.com/ritsu/ipset-fail2ban). Once ipset has been installed and processing of banned traffic is sped up, the website should return to normal performance.

We'll post an update once we've learned how to configure ipset.

This issue has been resolved. We successfully added the 34,000 banned IP addresses to a hashtable, and the website ban procedure performs about 5,000 times faster than the linear search that was performed before using iptables.

No accounts had passwords successfully guessed in whatever this was about. Whoever was responsible simply burned a lot of money and got an entire botnet's IP addresses banned by submitting passwords that failed over and over because the Google Recaptcha solutions were invalid. They're still getting addresses banned at a rate of almost one every two seconds, or 40,000 per day.