Cyber criminals continue to find clever ways of penetrating through the most secure webspaces. It is no surprise that most recently 2,500 gambling sites were attacked all at once by cyber criminals (explained by the verge HERE). A new hacking design was at the helm of the security breach which has opened the floodgates to potentially more unfortunate cases like this one. But, what exactly happened and why?
What?
Gambling site analysts have been playing close attention to their traffic in order to ensure a safe gaming environment for members. In fact, a whole list of new sites, including new bingo sites 2016 has welcomed in, have sophisticated monitoring systems that have made their customers feel safe and secure at all times throughout the gaming experience. So, how could this attack have happened on such a large scale?
A new attack design permeated through the systems, which not only allowed for a discreet compromise but also one that was far-reaching. Unlike other attacks which typically happen on servers themselves, this one took place on a network level. In fact, if one were to look at server logs, no strange behavior would be noticeable. It is the discreet nature of the breach which allowed for such a mass attack such as this one. As a result, homepages were rerouted to a dummy Romanian site and affiliate ID’s and tags were haphazardly being inserted throughout scripts.
But…How?
Investigators have been aggressively looking into the unfortunate issue, as they want to prevent anything of the sort to happen again. In that vein, the Romanian site has been taken down and things seem to be operating as normal. However, the script used to permeate systems still remains a mystery. These investigators believe that affiliate fraud is what the malicious entities were looking to achieve, which benefited them in the end, to a very small extent. Affiliate tags were added to product links via an elegant javascript code, which meant the hackers were getting a revenue share when all paying customers were sent to online stores. However, this is a common hack, and the small portion of revenue they were able to incur via the attack, does not explain the level of sophistication they were able to achieve.
And…Who?
Perhaps the greatest question of all is who exactly is responsible for the planning and execution of the hack? Although the answer to that question still remains unclear, there are suspicions around who that might be. In fact, just last year, gambling companies were found to have attacked rival companies in order to compromise business and get a lead in the saturated industry. Investigations and legal trials are still ongoing for this particular case, but suspicions arising around their implication in this mass-scale compromise has risen within industry leads. Such an intricately engineered attack would require a very specific knowledge of industry systems.
As online gambling sites and industry leaders work hard at maintaining the integrity and safety of their sites, it’s hard to believe that one of their own might be the culprit of such virtual disaster. Without doubt, those harmed by this most recent attack will be taking extra measures to avoid anything of the like to happen again in the near future. The future holds many questions to be answered for this particular industry and its safety within the online space.
Contribute by Brian Morgan
