Feeds

Extortionists attack Paddypower.com

Gamblers Anonymous

  • alert
  • submit to reddit

Protecting users from Firesheep and other Sidejacking attacks with SSL

Irish on-line betting site Paddypower.com is the latest high-profile Web property to suffer a denial of service attack from malicious users bent on extortion.

The company confirmed that its Web site was temporarily off line for a number of hours on Wednesday evening (Feb 4) as a result of interference from a distributed denial of service (DDoS) attack.

According to Paddy Power, the problem was experienced by several other on-line bookmakers and represented a malicious attack that attempted to block legitimate customer access to the site by bombarding it with a high volume of messages.

The company stated that there was no interference with the integrity of customer data, nor to the site itself. Furthermore, there was no material loss to the business as a result nor did any customer suffer any loss.

Paddy Power said it is currently working with its ISP, telecommunications suppliers and other on-line bookmakers to protect betting sites in the event of a reoccurrence. Apparently, the attack was motivated by an attempt at extortion.

"As with many denial of service attacks, here was an attempt by the perpetrators to secure payment to end the message flow. No payment was made and the incident is now under investigation by UK police technology experts. Paddypower.com is operating normally and as a matter of courtesy all on-line customers have been advised of the incident," a spokesperson for the company said.

This is not the first time such an attack has been launched against a gambling Web site. Several US bookmakers were forced offline due to denial of service attacks during the recent Super Bowl weekend. Furthermore, a report from IDG claims that several on-line betting sites were forced to pay protection money to keep their gambling operations on-line and pressure from criminal elements was stepped up during the run in to the Super Bowl.

Denial of service attacks have been in the news of late. The recent MyDoom worm prompted infected PCs to launch an attack on Unix developer SCO, while another variant launched an attack on Microsoft. Denial of service attacks operate by bombarding a Web site with a huge amount of requests. An effective attack will essentially bring a site's operations to a halt. Denial of service attacks usually cannot compromise a Web site in any way other than effectively taking it offline for the duration of an attack.

© ENN

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.