Tuesday April 7, 2015: ONLINE CASINO SUBJECTED TO D.D.O.S. ATTACK
Operator marshals resources, says there is no way he will submit to extortion.
The Betat online casino group has communicated with players who were complaining about patchy technical performance over the long weekend, advising them that the operation has been fighting off a significant Distributed Denial of Service attack.
DDoS assaults are mounted by criminal elements trying to unlawfully extort money from the victim by threatening to overwhelm targeted websites with waves of data requests submitted by armies of robot computers.
Betat's communication included details of the ransom demand from the attackers, who title themselves "the DD4BC Team" and claim to have successfully mounted attacks at Neteller, Bit Coin Bounty Hunter and Excoin.
In their first extortionate communication, the criminals advise:
"Recently, we were DDoS-ing Neteller. You probably know it already.
"So, it’s your turn!
"Slottyvegas.com and betatcasino.com is going under attack unless you pay 10 Bitcoin."
The email gives a payment channel through which the company can pay the ransom, before going on to claim:
"Please note that it will not be easy to mitigate our attack, because our current UDP flood power is 400-500 Gbps, so don't even bother.
"Right now we are running small demonstrative attack on your server.
"Don't worry, it will stop in 1 hour. It's just to prove that we are serious.
"We are aware that it's weekend and you might not have 10 BTC at the moment, so we are giving you time until Monday to get it and pay us.
"IMPORTANT: You don’t even have to reply. Just pay 10 BTC to XXXXXXXXX – we will know it’s you and you will never hear from us again.
"We say it because for big companies it's usually the problem as they don't want that there is proof that they cooperated. If you need to contact us, feel free to use some free email service.
"But if you ignore us, and don't pay until Monday, price to stop will go to 20 BTC and will keep going up for every hour of attack.
"It’s a one-time payment. Pay and you will not hear from us ever again!"
A Betat spokesman confirmed that the Easter weekend threat materialised on Monday, when the sites were hit with 45 Gbps of DDoS bandwidth.
"This attack was vicious, massive and widespread and hit our entire range of sub-nets, even our CDN has been compromised (Content Delivery Network) as well as our AWS (Amazon's Cloud Service)," the spokesman revealed Tuesday.
"To say that 45Gbps of bandwidth is a lot is a gross understatement. These hackers have massive capacity and are highly organised.
"Luckily, we are well equipped to handle these kinds of attacks and while nothing of this magnitude has been recorded on both our front, nor on the service providers' experience, we are highly confident that by end of the week we will have the situation under full control.
"That said, the next 5-7 days will be rough and our customers may experience times of inconsistent performance."
The spokesman goes on to inform other operators that the DD4BC team seems to have been doing this since late 2014 and started with illegal bitcoin exchanges and gaming businesses.
"They have now moved onto legitimate businesses," the spokesman opines, inviting operators to share their experiences.
"I strongly suggest that you speak to your individual CTOs and re-visit your DDoS mitigation services and the resiliency of your network. The hacking group claims that they have 400-500 Gbps sustained DDoS capacity."
Importantly, the spokesman notes that this is a DDoS assault and not a hack. Therefore player personal information has not been compromised in any way.
"Our systems are built in a way that segregates front end environments from any back end applications and databases. The data is never open to the public in any way.
"The most that can ever happen when playing on our sites, is that in case of an attack and/or a hack, website pages are exposed. The data structure is built on an internal network and bets communicate over an encrypted "backbone" channel – effectively meaning that whenever there is a web-level attack, the channel is shut down stopping all play and all communication.
"This is the reason you experience a termination of service rather than a degradation. It carries a greater impact on revenue stream, but the service security is maintained."