The Lightning micropayment network has faced a strong DDoS attack, which resulted in about 200 nodes being disabled. Crypto-enthusiasts attribute responsibility for the attack to the supporters of the failed SegWit2x fork.

The number of working nodes in the Lightning Network decreased from 1050 to 870, meaning that the DDoS attack resulted in failure of 20% of LN nodes.

The DDoS attack was revealed by Alex Bosworth, one of the Lightning Network developers.

Lightning nodes are getting DDOS'ed, rumor is that someone from the 2x effort known as "BitPico" has taken credit for this. The Lightning services I've deployed have been attacked from the start, with botnets, etc. Deploying in adversarial conditions, decentralization is hard.

Responding to the question about the bug that aggressors used to attack the Lightning Network, Bosworth wrote that there was no vulnerability in the Lightning Network.

As evidence of BitPico's guilt, Bosworth published a screen of the chat with them in Slack, where the BitPico team declares it has created a special toolkit for an attack on the Lightning Network.


According to the owners of Lightning Network nodes, the attack was performed through the request of as many connections as possible. Thus the nodes are not able to open real new channels.

It is unknown who stands behind the BitPico group. BitPico became widely known last autumn when the organizers canceled the SegWit2x fork. BitPico group of an unknown number of bitcoin miners published a hostile letter, claiming to launch the SegWit2x fork despite its cancellation. They claimed that they owned about 30% of the capacity of the entire bitcoin network.

But the crypto community doubted that Bitpico had such computational power. BitPico accounts on GitHub and BitCoinTalk were created in September 2017, and in mid-September BitPico themselves claimed to own not 30%, but about 1.62% of the bitcoin network capacity.