The weekend was a whitewash for the French online poker room, Winamax, thanks to Distributed Denial of Service (DDoS) attacks, prompting the question why not attack PokerStars or partypoker?
In February of this year, a group that watches too much Mr Robot subjected the world’s dopest software development platform, Github, to the most substantial Distributed Denial of Service (DDoS) attack in history.
Techworld had this to say about the attacks.
“A new type of DDoS amplification attack hit the site {Github} for an astonishing 1.35 terabits per second through 126.9 million packets per second.”
The article continued:
“GitHub’s Sam Kottler said on 28 February a “significant” volumetric DDoS attack was identified, and it was using more than a thousand autonomous systems across tens of thousands of endpoints.
“The attack was an amplification attack of servers operating the open source distributed memory object caching system, Memcache.
“These servers listened to the UDP 11211 port by default until a recent update. If an attacker sends a memcached server a UDP packet with a spoofed IP address that requests statistics, Imperva explains, the Memcached server will send back an extremely large message to the victim. So attackers can direct enormous traffic at their victims by sending a small packet to these servers, without the need to control a botnet.”
When I first read the piece, the monkey that lives inside my head began banging the cymbals, and my eyes saw this on my computer screen.
“Blah, blah, blah, blah, what, blah, blah, too, blah, blah, dumb, blah, blah, don’t. Blah, get it, blah, blah, can, bla, I , blah, blah, write, about, blah, blah something, blah, blah else.”
So don’t expect a deep dive into the world of hi-tech thuggery, because I just don’t get it.
But this is what I do get.
As France was locking up the first man to ever fall foul of Emmanual Macron’s new cat-calling laws for three-years (he commented on a woman’s breasts, and grabbed her arse on a bus), someone, somewhere, woke up and ignored that interesting piece of news, while downing oats, and instead said, “I know, let’s subject Winamax to a DDoS attack, and demand a ransom.”
The cybercriminals pressed the big red button.
Winamax had to wipe out their entire weekend thanks to the disruption.
It’s the second time, in two months that the criminals have targeted Winamax with a DDoS attack, only this time they’ve been singled out. I find this odd because back in August (the last time Winamax had a beating) the bad boys and girls also fired a few guided missiles at PokerStars, partypoker and America’s Cardroom.
Now, I’m no cyber criminal (I did once steal a pack of Worcester sauce French Fries and got nabbed by the police), but if I were, I wouldn’t have subjected PokerStars and partypoker to DDoS attacks in August. I would have showered them with firey hail during the World Championships of Online Poker (WCOOP) and POWERFEST.
But that didn’t happen.
More than $160m changed hands between players and those two online poker rooms without as much as a D let alone a DDoS.
Now, that tells me one of two things.
Either the cybercriminals who attacked them in August know as much about online poker as I do about DDoS attacks, or the two online poker rooms altered something in their security protocols that prevented a DDoS attack from happening.
If it’s the latter, then why can’t they keep the thumb pressed down on these protocols, permanently?
Back to Winamax, and it’s not been a great few weeks after they lost a court case leading them to dismantle their live poker tour in France at the eleventh hour.
And now this.
Winamax apologised to their players in a statement issued via Twitter stating that the DDoS attacks only affect a small number of people, but still had to act.
“In order to keep proceedings fair, and in order for the disconnected players to not be put in an unfavourable position compared to the players who can continue playing, Winamax voluntarily interrupts all tournaments.”
The statement also said that the attacks have nothing to do with the quality of the Winamax serves or security systems, and to reassure people that player funds are safe.
Winamax will reimburse players who suffered throughout the disruption as per their TOCs.
Until the next time.