DraftKings wins court order to unmask DDoS attackers

draftkings-ddos-attack-court-order

draftkings-ddos-attack-court-orderDaily fantasy / sports betting operator DraftKings is taking legal action to unmask the perpetrators of a distributed denial of service (DDoS) attack against its website.

Last Thursday, DraftKings filed a complaint with the US District Court for Massachusetts alleging that 10 unidentified defendants launched a DDoS assault that knocked DraftKings’ website offline for 26 minutes on August 8. The company insisted that no confidential company or customer data was accessed during the attack.

DraftKings traced the source of the data bombardment to a number of internet service providers (ISP), and asked the court for the right to subpoena these ISPs to uncover the identities behind the IP addresses that launched the attacks.

DraftKings says the first DDoS attack came on August 7, but the company’s digital defenses were able to blunt this attack. A larger attack was launched the following day that involved three times the normal volume of requests the site usually handles.

DraftKings contacted Buffalo-based co-location and cloud services provider ColoCrossing, clients of which DraftKings claims were the source of 75% of the DDoS attack. ColoCrossing said the IP addresses in question were leased or operated by a Romanian proxy service provider, HighProxies.com, and stated that this company would “advise and deal with these issues.” DraftKings says it’s yet to receive a reply from the Romanian firm.

DraftKings claims that, on multiple occasions, ColoCrossing refused to provide DraftKings with any information regarding the alleged attackers without a subpoena. ColoCrossing’s parent company Deluxe Corp similarly refused to provide any info without a court order.

Last Friday, Massachusetts federal Judge Mark Wolf issued the order authorizing DraftKings to subpoena the companies to obtain the desired user info.

DraftKings recently shed its pure fantasy roots by branching out into sports betting, becoming the first operator in New Jersey’s regulated online gambling market to launch a mobile betting app. The DDoS attacks began shortly after the app’s launch, but DraftKings insists the timing is coincidental.

Online sportsbooks and poker sites are among the top targets for DDoS attacks, given their relationship to specifically timed sports events and tournaments. The attack on DraftKings appears to have been fairly weak, given the growing popularity of ‘amplified’ DDoS attacks, the unprecedented scale of which has alarmed many security researchers.