Scam sites protection has become more sophisticated: the first result of the disBalancer beta testing

3 min readJan 12, 2022


Beta testing has already been underway for 10 days. Alexey, the disBalancer Senior Developer, is sharing the first result of the beta test process.

The number of testers: 30

Сountry coverage: 21

Scam Sites Typization

Firstly, we have received an idea of what we have to fight. We know how the typical IDO/ISO websites now look. We reduced them to several schemes which fight for the so-called scam-throne over the IDO/ISO projects.

Many scam sites are being well-protected and built like torrent clients. By making promo through Google AdWords, they are based on the LiteSpeed webserver and Cloudflare protection. Sometimes they have CGI specification that causes pages to slow down.

Client App Stability

We have improved the work of the client-side, so it could constantly and stably run on any platform.

With the help of communication in the messenger and the built-in communication method with the developer, it was possible to resolve the technical stability of the client.

Defining Software Requirements

The team identified minimum software configurations and some features that user devices need. It is important for user to add the app to the exception list of the client’s antivirus application for a while.

Enhanced Usability

We came to an understanding of how to arrange the using process. So we managed to make a better dynamic configuration at the request level. The client, while performing, will not suddenly stop or collect them for conducting stress testing for purposes that are no longer relevant. Although, there are a couple of bugs received from one of the testers. But the tendency for my test and testing others looks pretty reassuring.

Improved Application Layer Load

The team improved the OSI 7 (application layer load) method. It proved to be effective against the backend of sites. Sometimes it was possible to make sites with DDoS protection overwhelmed using several client-sides.

Growing Of Bandwidth Efficiency

The app minimizes bandwidth consumption while the application layer load runs. It also caused the craziest glitches after the redesign because the design implementation disrupted the work of the entire program. It took a lot of effort to bring it all to a stable version without memory leaks.

More That The Half Of Scam Sites Became Overwhelmed

It turned out to crush half of the scam websites list provided and to make some partial load — since they are static and require further modifications and descriptions of new load methods. It is important to stress that the beta test does not require long-term scam sites downtime but demonstrates the functionality of services provided by disBalancer after the full product will be ready.

Upcoming server and client configurations will provide us with a great product. As for now, our testers connect to the network and increase the response time from the overwhelmed server growth, which looks exciting (even for scammer hosts that pretty good defended from it).

Points To Grow

We identified some bottlenecks like adding programs to the antivirus exclusions list, disability to work on some builds of Windows without disabled antivirus, disability to work on a pair of devices without a disabled firewall.

Therefore, we noticed how antiviruses and firewalls affect the app performance (blocking from the start or the task execution like HTTP flood or transport-level (TCP/IP) DDOS load).

While working with sites using Cloudflare protection, due to the load of 5–6 cyber warriors, the response increased from 0.3s to 2.4s, along with server response speed. We are aiming to develop a methodology to improve current results.

Our team sends a lot of thanks to everyone who participates in our beta test!

Our special thanks also go to:

disBalancer beta testers for collecting the info on issues of the correct running of the client-side. They helped all the cyber warriors during the beta test.

disBalancer community members for giving us scam sites lists.




A decentralized cybersecurity solution that performs stress testing to identify DDoS vulnerabilities and protect projects against fraudsters.