Bitfinex, the world’s largest bitcoin exchange by volume, suffered downtime Tuesday after it was targeted by a distributed denial-of-service attack, the first successful attack targeting the exchange since it was taken down for a number of days in similar circumstances in June.

The DDoS attack started at 9:44 a.m. EST. Bitfinex alerted customers to the issue in a tweet stating that it was “currently under heavy DDOS,” that its application programming interface was down and that it was “working on further mitigation.” An earlier tweet from the exchange on Dec. 8 noted that “Bitfinex has been under significant denial-of-service attack for the past several days. The attack has recently worsened,” but it’s not known whether the downtime Tuesday is an extension of that attack or a new one.

How long Bitfinex was down is not clear. The exchange’s status page stated that as of 5 p.m. EST, “progress is being made to mitigate the denial of service attack.” It also provided a possible hint about the form of the DDoS attack, adding that “one component of the denial of service attack is to create hundreds of thousands of new accounts, causing stress on the infrastructure. For that reason, please note that new user signups have been temporarily disabled to help defend against the attackers and improve platform service for existing customers.”

A further status update as of 10:03 p.m. EST stated simply that the platform was “stabilizing” and that “the team will continue to monitor the situation closely.”

Rod Soto, director of security research at JASK Inc., told SiliconANGLE  that these sorts of attacks against bitcoin exchanges are common, adding that they are usually a cover for other attacks happening in the background.

“The objective is to distract security personnel from other attacks that may include tampering with the applications or platform that is responsible for the exchange of currency, in order to execute operations that lead theft of cryptocurrency,” Soto said. “In other cases, we’ve seen malicious actors trying to blackmail and extort such exchanges with either sensitive information that was obtained illegally or downtime via DDoS.”

Image: Bitfinex