The servers of British cryptocurrency exchange EXMO were taken offline temporarily after being targeted in a distributed denial-of-service (DDoS) attack.

"We are currently experiencing a DDoS attack on our platform," the exchange said in a notification published earlier today.

"Please note that the EXMO exchange website is now under the DDoS attack. The servers are temporarily unavailable."

In a separate alert issued through the company's official Twitter account, EXMO said that it's working on addressing the issue.

While no update was published since the DDoS attack was announced, the platform's servers and website are now back online.

EXMO was temporarily registered with the UK Financial Conduct Authority (FCA) as a crypto asset business until July 9th, 2021, following a request submitted back in April 2020.

The British cryptocurrency exchange — self-described as "one of the largest cryptocurrency exchanges in Europe" — disclosed in December 2020 that unknown attackers were able to withdraw roughly 5% of its total assets after compromising EXMO's hot wallets.

Unlike cold wallets (aka offline or hardware wallets) that have no Internet connection, hot wallets are Internet-connected and are used by exchanges to temporarily store assets for ongoing transfers and transactions.

EXMO suspended all withdrawals following the incident and added that all user losses following this incident will be covered and refunded completely by EXMO.

"Our team is currently developing a new infrastructure for hot wallets. Since each blockchain needs a separate server, the process will take some time," EXMO added in a subsequent update.

"Once deposits and withdrawals are available, you will have to generate a new wallet address in the 'Wallet' section of your account.

"Our investigation is ongoing, and we are taking all necessary and precautionary measures to prevent such incidents from reoccurring."

Update February 17: An EXMO spokesperson told BleepingComputer that the exchange has resumed regular operations.

We resumed our work. It was a massive attack (30GB per second) that affected the company's entire infrastructure, including the website, API, Websocket API, and the exchange charts. So, it's quite natural for any exchange under these circumstances to be down for a couple of hours. Nevertheless, the attack was repelled and additional measures were taken to prevent this from happening again.

Related Articles:

KuCoin charged with AML violations that let cybercriminals launder billions

Germany warns of 17K vulnerable Microsoft Exchange servers exposed online

US sanctions crypto exchanges used by Russian darknet market, banks

New ‘Loop DoS’ attack may impact up to 300,000 online systems

Here's why Twitter sends you to a different site than what you clicked