Prolexic Issues Global Warning about Recent DDoS Blackmail Attempts Targeting Online Gambling Sites

Share Article

Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today reported a troubling trend in DDoS attacks targeted at online gambling sites, with multiple attacks accompanied by extortion letters. During the past month, more than two dozen online gambling companies have come under attack and been targeted using similar attack methods. In recent days, multiple businesses in the online gambling sector have received extortion emails, demanding payments of up to US$50,000 to prevent new waves of DDoS attacks. The blackmail attempts have included escalation clauses, warning of increased size or frequency – as well as time-related price increases to stop them.

Prolexic Logo

“The online gambling industry should be on high alert. This appears to be a coordinated global threat. This is a focused level of effort accompanied by blackmail tactics, targeting a single industry in a compressed timeframe.”

Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today reported a troubling trend in DDoS attacks targeted at online gambling sites, with multiple attacks accompanied by extortion letters.

During the past month, more than two dozen online gambling companies have come under attack and been targeted using similar attack methods. In recent days, multiple businesses in the online gambling sector have received extortion emails, demanding payments of up to US$50,000 to prevent new waves of DDoS attacks. The blackmail attempts have included escalation clauses, warning of increased size or frequency – as well as time-related price increases to stop them.

“The online gambling industry should be on high alert,” said Neal Quinn, chief operating officer at Prolexic. “This appears to be a coordinated global threat. This is a focused level of effort accompanied by blackmail tactics, targeting a single industry in a compressed timeframe.”

All the extortion attempts have mentioned DDoS capabilities associated with the Dirt Jumper DDoS toolkit, which the Prolexic Security Engineering and Response Team (PLXsert) first reported in a December threat advisory. The latest version of Dirt Jumper, v5, includes specific anti-DDoS functionality, designed to thwart protection services such as those offered by Prolexic.

“We’ve already identified and mitigated Dirt Jumper v5 attacks and instituted globalized rules to protect our customers. Our defenses have been fortified and our clients have been prepared,” Quinn said.

“Business in all industries should be vigilant against Dirt Jumper 5,” Quinn added. “Our experience shows that new DDoS threats frequently come to market in the online gambling industry before spreading to other targets.”

PLXsert offers a custom scanning tool called Dirt Dozer (dirtdozer.py) that enables security research teams and engineers to validate if any suspected HTTP command and control servers utilize any strains of the malware. Prolexic’s Dirt Dozer scanner is available free of charge and can be downloaded from http://www.prolexic.com/threatadvisories.

In the coming weeks, PLXsert will issue a public threat advisory on Dirt Jumper v5, including a detailed breakdown of attack signatures by attack type, as well as information on remediation and recommended mitigation strategies.

About the Prolexic Security Engineering & Response Team (PLXsert)

PLXsert monitors malicious cyber threats globally and analyzes DDoS attacks using proprietary techniques and equipment. Through data forensics and post attack analysis, PLXsert is able to build a global view of DDoS attacks, which is shared with customers. By identifying the sources and associated attributes of individual attacks, the PLXsert team helps organizations adopt best practices and make more informed, proactive decisions about DDoS threats.

Details of Prolexic’s mitigation activities and insights into the latest tactics, types, targets and origins of global DDoS attacks are provided in quarterly reports published by the company. A complimentary copy of Prolexic's Q1 2012 Global DDoS Attack Report is available at http://www.prolexic.com/attackreports.

About Prolexic
Prolexic is the world’s largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission critical Internet facing infrastructures for global enterprises and government agencies within minutes. Ten of the world’s largest banks and the leading companies in e-Commerce, SaaS, payment processing, travel/hospitality, gaming and other at-risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world’s first in-the-cloud DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida and has scrubbing centers located in the Americas, Europe and Asia. For more information, visit http://www.prolexic.com.

Contact:
Michael E. Donner                        
SVP, Chief Marketing Officer                    
Prolexic                         
media(at)prolexic(dot)com                        
+1 (954) 620 6017

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Michael E. Donner
Visit website