Important
notice

14 Dec 2021

 

This is an urgent message received by our technology provider, which explains why some clients are unable to open trades as they wish:

Dear Clients,

We would like to share with you the sequence of events in regard to the recent attack on parts of our hosting infrastructure. The attack was discovered on THU the 9th of December 2021. All timestamps below are approximate and in GMT:

Sequence of events:

  • Thursday 18:50: A client reports inability to restart his MT4/5 History Server.
  • Thursday 20:40: A client reports that a ransomware attack on his server has been blocked by his antivirus.
  • Thursday 22:10: Several clients report switching to their failovers after experiencing issues with their primary MT4/5 servers after EOD restart.
  • Thursday 22:40: Tech-provider Support escalates to Tech-provider Networks for further investigation.
  • Thursday 22:50: Tech-provider Network escalates to Tech-provider Systems for further investigation.
  • Thursday 23:00: Tech-provider Systems investigates and identifies a ransomware attack by Atom Silo.
  • Thursday 23:15: Tech-provider Systems deploys a decryptor tool from AVAST to affected clients with decryption success rates between 5-20%.
  • Friday 00:15: Tech-provider Systems identifies the attack has spread to wider parts of Tech-providers hosting infrastructure and escalates to management.
  • Friday 01:30: Tech-provider identifies that the attack can only disrupt client’s live trading by encrypting essential files if the MT4/5 servers are stopped or during restart.
  • Friday 02:30: Tech-provider issues a statement to all clients informing them of the ongoing attack. Tech-provider advises clients not to restart their MT4/5 servers and to verify their failover infrastructure is operational.
  • Friday 02:40: Tech-provider attempts to engage with various third party cybersecurity firms.
  • Friday 05:45: Tech-provider establishes a channel of communication to a Forensic and Malware Analyst who developed the core algorithm of AVASTs decryptor tool.
  • Friday 06:10: Tech-provider establishes a channel of communication to the cybersecurity firm, QSecure.
  • Friday 06:40: QSecure engages Deloitte Cyber Forensics.
  • Friday 08:00: Tech-provider calls clients and continues to do so throughout the day to ensure they are aware of the statement sent earlier around 02:30.
  • Friday 08:00: Tech-provider identifies and disables the entry point of the attacker. The entry point was a compromised web interface of the monitoring system ZABBIX.
  • Friday 10:30: QSecure in collaboration with Deloitte Cyber Forensics join Tech-provider engineers onsite and begin work on analyzing the ransomware itself as well as the attack.
  • Friday 14:30: Preliminary evidence gathered by the forensic teams by analysing the ransomware as well as network activity does not suggest there was either a data breach or backdoor present.
  • Friday 18:20: Tech-provider and QSecure start collaborating with the Forensic and Malware Analyst and provide data to improve the success rate of the decryption algorithm.
  • Saturday 00:30: Tech-provider advises clients to switch to their MT4/5 failover Infrastructure.  For clients hosting their failover with Tech-provider, Tech-provider provides assistance and new servers to migrate to. 
  • Saturday 06:00: Tech-provider reaches out to clients to commence the migration of MT4/5 failovers.Failover migration continues through Saturday and Sunday.
  • Saturday 07:30: Tech-provider receives an updated version of the decryption algorithm.
  • Saturday 08:00: Tech-provider receives the source code of the decryption algorithm.
  • Sunday 17:00: QSecure and Deloitte Cyber Forensics confirm that based on their evidence there was no data breach or backdoor present in the malware.
  • Sunday 18:00: Tech-provider improved the decryption algorithm and added brute force capabilities now reaching decryption rates of close to 100%. Tech-provider assists clients to decrypt files. 

Summary:

We would like to confirm that many of Hosted Clients experienced impact to their trading operations. At no point did Tech-provider enter into any negotiations with the attackers nor has met any of their demands.

The security of Tech-provider’s internal systems, including the trading infrastructure, was not compromised or suffered any interruptions at any point.

We will continue to provide updates as we receive them and we will always remain transparent.
Our teams are available around the clock to provide any assistance needed. 

Finally, we want to sincerely apologize for any inconvenience this event might have caused to our customers. We will continue to increase inhouse expertise and work closely with our Cybersecurity partners to improve the security of our hosted systems.

 

 

April 27, 2021

Dear all

Please be informed that for the better efficiency, new wiring instructions are being introduced.

We always work hard to provide top-notch services.

Thank you for your patience.

 

 

 

 

January 17, 2021

Dear Clients and Partners!

Welcome to the brand-new environment. We not only have improved the looks of the website with fresh design and easier navigation, but we also invested in enhancing security when logging into your accounts. This, however, is just a tip of the iceberg as made several large-scale investments in our trading infrastructure as of Dec 2020. Please note that we have brought improvement in execution and liquidity. Since we operate in an extremely fast-paced and challenging environment, every milisecond counts - and time is money.

Thank you for your patience and we are happy to introduce the updates.

In case of any difficulties with logging in, please do not hesitate to contact us: ops@apl-markets.com. But we do not expect many.

Once you are able to log in, please use the internal communication tool to communicate with us to ensure smoother and faster dialogue.

 

Thank you.

Regards,

APL Markets Inc.

 

tech info for FIX API traders:

Please note that the scheduled maintenance to upgrade Routers at LD4 POP was completed successfully.

 

We would also like to remind you that although our team always carries out extensive post-deployment checks, we always encourage our clients to thoroughly test and monitor their systems, ensuring that everything is working as expected.

 

If you have any questions or concerns regarding this maintenance, please do not hesitate to contact our support.

As we are continuously optimizing the performance of the APLynx, we will be making the following changes in the upcoming APLynx update which will be taking place in the coming weeks. You will be notified again in advance once the release date has been scheduled for your Live APLynx.

In preparation for this major update, we have already deployed the latest APLynx version in the Demo Environment which is compatible with the Portal version 2.38. It is essential for you to test and verify these changes on your Demo APLynx ahead of the Live Environment update.

Note: For our clients whose LIVE APLynx have been updated to the Portal version 2.38 in the past weeks, please continue to verify the below changes and report any issue or concern right away to our support team at support@.

Symbol Component

Attribute – Change - Description

Session – Removed - Sessions should be defined in Provider Setting, Connector Stream Setting, and Connector Account Setting respectively

Min – Renamed -The new column name is Order Size Step

Point - Updated - The new column has been renamed to Digits with updated logic which allows selection of the exact number of decimals for a symbol from the drop-down list

Factor – Added - The new column Factor is a read-only attribute that is generated by the APLynx for the calculation of the notional value of a CFD contract

Note: Factors should be verified carefully by you and any required changes can be performed on your APLynx by our Support team only.

 

2. Security Component

Attribute – Change - Description

Enable - Removed - From the Symbol Component, Security can be enabled or disabled by enabling or disabling the Active attribute for a set of symbols filtered out from the Security column.

  

 

3. Currency Component

Component - Change - Description

Currency – New

New Currency Component is added in Real-Time and Pending Configs Module. The new table is filled automatically by all distinct Base and Quote values from Symbols setting.

 

 

4. Connector Account Component

 

Attribute - Change - Description

Currency – Removed - The Currency Column from the Connector Account Component has been removed

 

5. Liquidity Profile Setting Component

 

Attribute - Change - Description

Precision – Updated - The Precision column has been updated with simplified Select drop-down options

  

 

6. Report Manager & Trade Database

 

Attribute - Change - Description

Ccy - Removed - The Ccy which represents the Connector Account base currency has been removed

Conv - Removed - The Conv which represents the conversion rate between trade currency and connector account currency of an executed trade has been removed

Note: All columns related to Ccy and Conv in the Order/Leg/Deal Reports in the Report Manager will be removed. Please make sure your customized reports are updated accordingly.

  

We encourage you to test and verify the above changes on your Demo APLynx beforehand to ensure the upcoming update on your Live APLynx will be completed without any interruption to your business operations. For those who utilize APLynx API, it is essential for you to verify and adapt to the above changes in the new APLynx API version 2.38 in advance before the Live update takes place.

 

 

In case you experience any issues or have any concerns regarding this matter, please do not hesitate to contact us at support@.