Feeds

Casino DDoS duo caged for five years after blackmail buyout threat

Polish crims demanded 50% of gambling biz, on pain of firm-killing cyber attacks

The Essential Guide to IT Transformation

A pair of cyber-extortionists who attempted to blackmail a Manchester-based online casino with threats of unleashing a debilitating denial of service attack have been jailed for five years and four months.

Piotr Smirnow, 31, of Tawerny, Warsaw, Poland, and Patryk Surmacki, 35, of Szezecin, Poland, pleaded guilty at Manchester Crown Court to two offences each of blackmail and one offence of computer hacking: unauthorised acts on computers contrary to the Computer Misuse Act 1990.

Both men were sentenced on Wednesday to five years and four months in prison following a complex investigation that climaxed in a successful sting at a plush Heathrow Airport hotel.

The case centred on two victims, one of which owns a Manchester-based online casino business and the other a USA-based chief exec of an internet software platform that hosted a multitude of on-line companies.

Smirnow and Surmacki, programmers who worked in the online gaming business and knew their target through their professional interactions approached him with a "business proposition". The offer of a meeting was initially decided before the two meet their intended victim and demanded half the stake in his £30m online business under the threat of using a Kiev, Ukraine-based hacker to "take down" the online casino's servers, effectively preventing it from trading, unless their demands were met.

When the "offer" was rebuffed an online assault was launched in early August for around five hours, costing the casino an estimated $15,000 in the process. After this the owner of the business who provided the platform for the online casino site and other firm offered to mediate, and spoke with the hackers via Skype before agreeing to a meeting at Heathrow.

This third-party (whose business suffered collateral damage from the initial attack) contacted police who set up a sting operation that captured the cybercrooks' admission of organising the original denial of service attacks and related threats. "The pair claimed they’d shown their power and it wouldn’t stop until the internet source codes for his business were handed over," a police statement on the case explains. "The CEO refused to provide them so they both became annoyed and said they were now ‘going to war’."

The duo were arrested by police who had captured the whole exchange on video as soon as the meeting broke up.

A Greater Manchester Police statement on the case, including extensive quotes from investors and other relevant parties along with a video clip from the sting - can be found here. GMP was assisted by the National Crime Agency and the Crown Prosecution Service throughout the operation.

Detective Inspector Chris Mossop, of the Serious Crime Division, said Smirnow and Surmacki's "greed was ultimately their downfall as they failed to reckon with the victims’ bravery in the face of extreme intimidation". “This was a very complex, dynamic investigation that centred on an emerging global cyber-threat. Denial of service attacks have become increasingly common offences in recent years and can have a devastating effect on the victim’s on-line business," he added.

The Manchester victim welcomed the decision of the court to sentence Smirnow and Surmacki to a lengthy jail terms. “I am grateful for the assistance to me provided by the police in this matter," he said. "This case made me fear for my personal safety as well as for the future of my business, which is why I felt compelled to take action against the perpetrators of this crime. No one should have to succumb to blackmail and this sentence should act as a warning to those involved in cyber-extortion that the police and the courts will view this type of conduct very seriously.”

More on the case can be found in stories by Sky News (here). ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.