Cybercriminals Target Online Poker Sites

If you’re a fan of playing online poker, exercise caution when on your favourite site. Several high-profile poker pages have recently fallen victim to cyber attacks which have disrupted tournaments and left players frustrated. The attacks took place during the first half of August, affecting three popular poker sites, with the most recent target being PokerStars, part of the Canadian world-leaders The Stars Group. Prior to that, both Americas Cardroom (ACR) and partypoker were subjected to the assault, which is known as a distributed denial of service (DDoS) attack.

What is a DDoS Attack?

This type of cyber attack aims to shut down a site by overwhelming it with requests for data from multiple sources. The attacker creates a network of internet-connected devices, which have been infected with malicious software so that they can be manipulated to carry out the orders of the creator, which can be compared to an online zombie army. This network of bots, known as a botnet for short, overloads the target site with requests until it can’t function, in much the same way that sites can crash when subjected to abnormally large volumes of organic traffic.

Almost any device with an internet connection can be conscripted into a botnet, including not only PCs and mobile phones, but smart household appliances such as refrigerators, which are often not protected with sufficiently robust password security. As more and more devices are brought online, cyber criminals have access to an increasing pool of potential bots with which to wage their attacks.

Poker Players are Latest Victims

The recent DDoS attacks appear to have been timed to affect tournaments on all three of the sites. ACR were starting the first day of their Mini Online Super Series when disaster struck, and PokerStars were hosting several tournaments, including their leading Sunday Millions event, when their European network was overcome. The timing of the attack raises concerns over the security of the PokerStars World Championship of Online Poker (WCOOP), which starts on September 2.

In the case of the PokerStars shutdown, the tournaments were cancelled and players paid out according to chip count, but many complained that players from other, unaffected domains were able to steal the blinds while they were unconnected. PokerStars has since refunded all affected players to the full value of their tournament buy-in, but this has still left many dissatisfied.

Apologies and Compensation

In an attempt to stem the angry backlash from players who had invested time and money into the tournament, PokerStars has created a special event which is running until August 26. Any members who lost out due to the attack can compete for prizes from $500,000 freerolls, by way of apology. Winners will get a buy-in to the Main Event at the WCOOP, priced at $5,200.

This may be enough to satisfy disgruntled customers for the time being, but The Stars Group are sure to be concerned at this latest turn of events. While ACR have been on the receiving end of such breaches in the past, this marks a first for PokerStars, and the security team will be scrambling to make sure that future tournaments are protected.