🚧 DoS Attack Denial-of-Service
A denial-of-service attack floods a server, service, or network with fake traffic or junk requests until it runs out of resources and can no longer serve real users. The service isn't hacked open — it's just too swamped to respond.
🚪 The simple version — a jammed doorway
Picture a small shop. A crowd of fake customers piles into the doorway and refuses to move. Nothing inside is broken, but real customers can't squeeze past, so the shop effectively stops working. A DoS attack does the same thing to a computer: the attacker sends far more requests than the server can handle, so it slows to a crawl or crashes. The goal isn't to break in or steal anything — it's to make the service unavailable. Downtime can last anywhere from hours to much longer.
🤖 DoS vs DDoS — one attacker or an army?
A plain DoS attack comes from a single machine, which makes it fairly easy to spot and block. A DDoS (Distributed Denial-of-Service) spreads the flood across many machines at once — usually a botnet of hijacked devices the owners don't even know are involved. That makes it much harder to filter and far more damaging. DDoS is the more common form today.
| Type | Where the flood comes from | How hard to block |
|---|---|---|
| 🖥️ DoS | One source machine | Easier — block one address |
| 🌐 DDoS | Many machines (a botnet) | Much harder — traffic comes from everywhere |
🧩 The common flood recipes
Attackers abuse different weak spots in how networks process requests. You don't need to memorize these, but the names show up in news reports:
- 📦 Buffer overflow — sends more data than a program reserved room for, so it chokes
- 📡 ICMP (ping) flood — bombards the target with "are you there?" pings until it's overloaded
- 🤝 SYN flood — opens a flood of half-finished connections that never complete, tying up the server
💸 Why this matters in crypto
The services a beginner actually uses are centralized choke points: exchanges, wallet apps, dApp front-end websites, and RPC nodes. All of them can be knocked offline by a DDoS. Crypto was the most DDoS-attacked sector by traffic volume in Q4 2023, accounting for over 4% of all DDoS traffic worldwide. For you, the danger isn't theft — it's getting locked out at a bad moment, unable to trade or withdraw while a service is down.
🧱 Can a blockchain itself be flooded?
The base chain is hard to take down because it's spread across many nodes — there's no single server to overwhelm. But there's a twist: most chains have a fixed block size and a cap on how many transactions fit per block. An attacker can send a flood of spam transactions to fill the blocks and crowd out legitimate ones. The chain stays "up," yet real users face jammed throughput and high gas fees. A rarer variant called BDoS targets Proof-of-Work chains by disrupting miner incentives, though real-world attempts have been very rare and unsuccessful.
📉 Real example — Solana's congestion outages
Solana is the classic case study. In September 2021 it suffered a roughly 17-hour outage when mass botting flooded the network during a token launch. In January 2022 a spam-transaction flood caused a roughly 5-hour outage. More recently the network absorbed a very large DDoS with no downtime — a sign of how much its resilience has improved since those early years.
🛡️ Takeaway for beginners: a service going dark isn't always a hack. Outages from spam and DDoS are common, and the fix is usually patience, not panic — never rush to "rescue" funds through a link someone DMs you during downtime.
❓ FAQ
- If crypto is decentralized, can it even be hit by a DoS attack?
- The base blockchain is hard to knock over because there's no single server to flood. But the things beginners actually use — exchanges, wallet apps, dApp front-ends, RPC nodes — are often centralized and can be taken offline by a DDoS. And chains with limited capacity can still be clogged by spam transactions even when they aren't fully down.
- What's the difference between DoS and DDoS?
- A DoS attack comes from one source. A DDoS (Distributed Denial-of-Service) uses many machines at once, usually a botnet of hijacked devices, which makes it harder to block and more damaging. DDoS is the more common form today.
- Does a DoS attack steal my coins?
- No. A DoS attack is about availability, not theft — it makes a service unreachable, it doesn't break in or move funds. The risk to you is being locked out at a bad moment, like not being able to trade or withdraw while a service is down.