Feeds

Extortionists attack Paddypower.com

Gamblers Anonymous

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Irish on-line betting site Paddypower.com is the latest high-profile Web property to suffer a denial of service attack from malicious users bent on extortion.

The company confirmed that its Web site was temporarily off line for a number of hours on Wednesday evening (Feb 4) as a result of interference from a distributed denial of service (DDoS) attack.

According to Paddy Power, the problem was experienced by several other on-line bookmakers and represented a malicious attack that attempted to block legitimate customer access to the site by bombarding it with a high volume of messages.

The company stated that there was no interference with the integrity of customer data, nor to the site itself. Furthermore, there was no material loss to the business as a result nor did any customer suffer any loss.

Paddy Power said it is currently working with its ISP, telecommunications suppliers and other on-line bookmakers to protect betting sites in the event of a reoccurrence. Apparently, the attack was motivated by an attempt at extortion.

"As with many denial of service attacks, here was an attempt by the perpetrators to secure payment to end the message flow. No payment was made and the incident is now under investigation by UK police technology experts. Paddypower.com is operating normally and as a matter of courtesy all on-line customers have been advised of the incident," a spokesperson for the company said.

This is not the first time such an attack has been launched against a gambling Web site. Several US bookmakers were forced offline due to denial of service attacks during the recent Super Bowl weekend. Furthermore, a report from IDG claims that several on-line betting sites were forced to pay protection money to keep their gambling operations on-line and pressure from criminal elements was stepped up during the run in to the Super Bowl.

Denial of service attacks have been in the news of late. The recent MyDoom worm prompted infected PCs to launch an attack on Unix developer SCO, while another variant launched an attack on Microsoft. Denial of service attacks operate by bombarding a Web site with a huge amount of requests. An effective attack will essentially bring a site's operations to a halt. Denial of service attacks usually cannot compromise a Web site in any way other than effectively taking it offline for the duration of an attack.

© ENN

Remote control for virtualized desktops

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.