Hackers Clean Up in Online Casino Attacks


The hack attacks come in a variety of forms.

A number of industry groups say online gaming is currently a $1.5 billion industry expected to grow to as much as $6 billion in the next 18 months. Customers of such sites register with their credit card details and the operators plunder the credit card account, Donoughue said. Hackers are sabotaging online casinos with greater regularity, security and gambling experts say, in some cases scamming large sums of money from the gaming firms.

The games were altered so that every roll of the dice in craps turned up doubles, and every spin on the slots generated a perfect match, the company said.

If timed right – such as just before a big sporting event when the wagering activity is at its highest – a denial of service attack could rob a big betting site of millions of dollars worth of bets.

“In the case of slots, it was coming out cherries across the board,” CryptoLogic spokeswoman Nancy Chan-Palmateer told Reuters on Monday.

CryptoLogic is liable to absorb $600,000 of the misappropriated winnings, as a $1.3 million insurance claim will cover the remainder. In other cases, coordinated hack attacks have knocked out sites for longer, security experts say.

“No one is going to say it’s happened, because that’s bad for business. But casino attacks are considered a ripe target for hackers who are enticed by the large number of casinos still operated in poorly policed jurisdictions such as the Caribbean, and by the large number of wagers they handle.

She added the security breach affected two of Cryptologic’s 19 casino operating licensees; she would not disclose the two site operators.

The winners were permitted to keep the money as it is believed they had no hand in the hack attack.

In other examples provided by security experts, the culprit breaks into a casino’s computer server and alters the computer programming code to generate more winning payouts, as was the case with CryptoLogic. “Where would you go? I’d go to dodgy online casinos.

The incidence of Internet fraud has hit every sector of online commerce from banking to shopping sites. “It’s become one of the most common fraud scams,” Barrett said.


Neil Barrett, technical director for London-based Information Risk Management, concurred, saying that over the past year his e-security consulting firm has been contracted to shore up a half-dozen casino operators that had fallen victim to such hack attacks.

“I’ve seen well engineered hack attacks coordinated with very well engineered extortion attacks coming from Leningrad,” Barrett said. She said: “It is likely the intruder was somebody with inside information of our system.” CryptoLogic is cooperating with investigators. Some hackers unleash crude “denial of service” barrages, which disable the targeted site with a flood of information requests.

In some of those instances, the intruders have gone back to the victims, demanding extravagant sums in exchange for guarantees the attack will not recur, experts say.

LONDON –  Call it the gambling industry’s dirty little secret.


There have been also been incidents in which shell gambling sites are created.

The company said that for a few hours during the disruption in late August, 140 gamblers racked up winnings of $1.9 million.

CryptoLogic may have been lucky. Their customers aren’t going to complain.”

Last week, CryptoLogic Inc., a Canadian software company that develops online casino games, said a hacker had cracked one of the firm’s gaming servers, corrupting the play of craps and video slots so that players could not lose.

Barrett and Donoughue say some recent blackmail attempts have been traced to groups from eastern Europe that they say could have ties to organised crime. It was able to detect the security breach early on, minimising the losses. But there is anecdotal evidence,” said Steve Donoughue, managing director of The Gambling Consultancy in London.

“There are a number of groups trying to make money by hacking,” said Donoughue

Leave a Reply

You must be logged in to post a comment.