Online gambling sites face new DDoS threat from Android phones

Online gambling sites face new DDoS threat from Android phones

android-phone-ddos-attacksOnline gambling operators need to be aware of a new variety of distributed denial of service (DDoS) attacks that recently plagued websites around the globe.

This week, technology giant Google was forced to purge roughly 300 Android apps from its Google Play online market after researchers uncovered hidden malware that allowed a new botnet dubbed WireX to commandeer 70k mobile phones in over 100 countries to maliciously bombard websites with data.

The apps in question were mundane products offering ringtones, media players and the like, and were programmed to run in the background, allowing the WireX botnet’s organizers to harness the infected devices even when the dodgy apps weren’t being used.

In some instances, the people behind WireX contacted targeted websites to demand ransom before unleashing their botnet on those who didn’t pay. The attacks began slowly at the start of August, ramping up dramatically mid-month, after which researchers began sleuthing the source of the attacks.

Google’s official statement following the revelations said the company was “in the process of removing [the offending apps] from all affected devices.”

Online miscreants are getting more creative in their efforts to build ever larger botnets. Last fall, a new botnet dubbed Miral hijacked hundreds of thousands of unsecured Internet of Things devices to unleash DDoS attacks on a previously unimaginable scale.

Online gambling sites – particularly sportsbooks that rely on events centered around fixed dates on the calendar – are usually top targets for DDoS attacks. Last November, UK bookmaker William Hill’s website was knocked offline for days following an attack that was believed to be related to the Miral botnet.

Without looking to find humor in another’s misfortune, Hills’ struggles to regain control of its online presence prompted eye-rolls from some Costa Rica based operators, who, with their history of catering to the large US sports betting market, had been prime DDoS targets since the phenomenon began, and thus had achieved a high degree of security in warding off such attacks.