Briefly Shut Down by Denial of Service Attack; Bitcoin Not Affected

While the site was inaccessible, bitcoiners shared the software to newcomers wanting to download Bitcoin's code.

AccessTimeIconDec 19, 2020 at 2:21 p.m. UTC
Updated Sep 14, 2021 at 10:45 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now, the website that hosts bitcoin’s code, is back up after a distributed denial of service attack (DDoS) took the site down in the early hours of Saturday morning.

The website is home to Bitcoin Core, the most popular software version of bitcoin’s code. To be clear: Bitcoin’s blockchain itself was not attacked, only the website hosting one copy of its open-source code.

Read more: What Is Bitcoin?

While the site was inaccessible, bitcoiners disseminated the software to newcomers wanting to download the code via a torrenting service, an open-source marketplace for sharing data. Bitcoin Core’s client includes a “magnet link” (that random alphanumeric string in the below tweet) which can be manually shared to download Bitcoin Core from services like uTorrent and BitTorrent. From this link, the user can locate the hash for where Bitcoin Core is stored on these services and download the software.

Called “distributed denial of service,” a DDoS attack occurs when a person or group uses multiple devices to spam a server or system with data requests, clogging its bandwidth and typically rendering a website inaccessible.

DDoS attacks common during Bitcoin price spikes is now live again. Cobra, a pseudonymous developer who helps maintain, told CoinDesk that DDoS attacks are not uncommon during hot price action and that this specific attack may not be over.

“Basically, we got hit with a large DDoS, which is quite common around ATHs (all-time highs) and bull markets. It took us down for a while but for now we're back up, but  we might go down on and off periodically depending on how long the attackers want to continue attacking.”

Cobra told CoinDesk that the IP traffic from the attack is Russian, but it’s anybody’s guess where the attackers are actually located. That’s because, in addition to the attackers using privacy preserving tools like virtual networks, most attackers launch DDoS attacks remotely from malware-infested devices, pseudonymous and independent researcher 6102 told CoinDesk.

A DDoS against a distributed network like a blockchain--called a sybil attack--has never occurred on Bitcoin’s blockchain.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.