LeapRate Exclusive… LeapRate has learned that multi-asset electronic trading solutions provider smartTrade Technologies was hit by hackers last week, at its LD4 hosting location.
Service was partially and intermittently not accessible to smartTrade clients in LD4 for several hours last Wednesday, May 9.
At around 5:30pm UTC a smartTrade monitoring tool raised an alert at LD4 for some incoming and outgoing connections, leading to not being able to connect to some venues or for clients to have troubles to access some smartTrade services.
To its credit, we understand that smartTrade started to immediately contact its clients, to notify about a network issue at the LD4 site.
smartTrade was able to fix the issue within about an hour, notifying its clients of such as about 6:50pm UTC. However, about an hour later the downtime re-occurred, and wasn’t fully resolved until about six hours later (2:00am UTC on May 10).
Apparently the root cause involved smartTrade’s LD4 infrastructure which is is protected by a cluster of redundant firewalls (primary and secondary) to handle failover. The ARP table of both firewalls of the cluster were flooded by a broad range of IP addresses. This caused instability of the cluster and issues to initiate and receive connections.
We understand that smartTrade is working with his Internet providers to put in place a mitigation plan, to prevent such an attack from succeeding in the future.
LeapRate spoke with smartTrade management, which confirmed that the event did occur as described. And, that it has not reoccurred since.
A copy of the indictment report can be seen here (pdf).