Two recent arrests in Europe have been linked to the planned cyber attacks on a number of websites sites including the PokerStars, the biggest online poker website in the world. These individuals are said to be members of the extortion group, DD4BC, which is known for carrying out ransom-driven DDoS attacks against well known websites.
Europol, the investigating agency for European Union recently announced that two individuals belonging to the cyber-crime group DD4BC have been arrested in Bosnia and Herzegovina in Eastern Europe, one of whom is suspected to be the ring leader of the group.
DD4BC which means DDoS For BitCoins is a loosely structured group of hackers who take down a site with a Distributed Denial of Service attack (DDoS) attack if their blackmail demands are not met by the threatened website. In a DDoS attack, the target website is verloaded with repeated traffic from multiple sources, overwhelming it so much that it shuts down.
DD4BC started its attacks in early 2014 with its first victim being a bitcoin exchange company Bitalo Bitcoin. Their typical modus of operation is to launch an initial low-level DDoS attack on the website and then send in a demand for ‘payment’ in bitcoins. Failure to pay the ransom would result in an attack that is of a bigger scale rendering the website incapable of doing normal business, typically shutting it down.
Over the course of the past year, the group has attacked a number of websites. Its victims are said to include many businesses as well as government websites but it has particularly targeted websites belonging to the gambling industry. According to a report by tech company Akamai, over 50 percent of its attacks have been in the gambling sector and the DD4BC group has experienced relative success in bringing down some of the most popular online gambling websites in the industry.
PokerStars and NETeller are confirmed to have been attacked, whereas Betfair is suspected to have been a victim as well. Betfair’s website was attacked in April 2015, shutting down its betting exchange and fixed-odds sportsbook but no confirmation was given as to whether the attack originated from the DD4BC group.
In a statement, Europol, the European Union’s intelligence agency said,
The action was initiated as part of a global law enforcement response against the criminal organisation. Key members of the organised network were identified in Bosnia and Herzegovina by the UK Metropolitan Police Cyber Crime Unit (MPCCU) which provided vital information to the investigation. Police authorities from Australia, France, Japan, Romania, the USA, Switzerland and INTERPOL supported the coordinated activities.
Some of the other gambling websites attacked include Malta-based NRR Entertainment Ltd. (slottyvegas.com, betatcasino.com etc), Redbet.com, Nitrogen Sports, Betbtc.com among others.