DDoS Attacks Target Partypoker, PokerStars

DDos attack, trojans, virus attack

Major online poker sites partypoker and PokerStars have been disrupted in recent days by apparent DDoS attacks, launched by party or parties unknown at present.

Two of the world’s largest online poker sites, partypoker and PokerStars, have endured periods of downtime and forced cancellations of tournaments in recent days after being targeted by confirmed or suspected DDoS (distributed denial of service) attacks. Both of the attack waves targeted the sites’ global “dot-com” gaming offerings, rather than being launched against their firewalled, single-jurisdiction offerings.

The attacks targeting partypoker began on August 9 and continued into August 11 or 12, with each attack wave consisting of a massive flood of data requests targeting its gaming servers. Partypoker confirmed the DDoS nature of the attacks late on August 9 and updated its customers via social media about the recurring waves and the ongoing mitigation efforts. Partypoker also released a formal statement about the attacks, the cancellation of tournaments, and an ongoing refund process for affected players.

That statement, issued as a formal apology for the unexpected downtime, expressed frustration about the nature of the DDoS attacks, without speculation as to the motive behind them. Tom Waters, partypoker managing director said: “The unfortunate events…were understandably frustrating for our players. After consideration, the decision was taken to pause and then subsequently cancel all affected tournaments.

“Our team worked hard to try to resolve the key issues. As poker players ourselves, we fully understand how frustrating it can be when an online poker room suffers technical issues, and we fully appreciate the considerable patience and understanding shown by our players in light of these difficulties.”

Additional commentary from partypoker

Partypoker received widespread praise from both its players and industry onlookers for its rapid response to the attacks, even as those attacks continued. VegasSlotsOnline received an additional statement from Colette Stewart, partypoker player rep and social specialist, who said: “The recent DDoS attacks were very unfortunate; however, we feel the team have done their very best to communicate and respond to as many of our players as possible during this very frustrating time. We greatly value our relationship with the player community and feel it is vital to be as open and transparent with our players as possible during such issues and, most importantly, ensure that we are available for player feedback and communication.

“In refunding affected players, we have ensured that every single cent collected in buy-ins, bounties, and fees has been refunded to players in addition to honoring the guarantees of tournaments that didn’t make the required entries due to the issues faced.

“All refunds have now been issued and, of course, should players wish to follow up in more detail or ask more questions about their specific refund, they should contact our 24/7 customer service line. The nature of ensuring the refunds were correct led to a delay that we simply hadn’t anticipated. We are sorry that it took us until Sunday to complete the process; however, we refunded players based on their chip stacks at the time that the disruption began and the data evaluation process was complex and took some time to complete.

“Finally, we are all poker players ourselves and fully appreciate the patience and loyalty of our players.”

PokerStars becomes the latest target

About the time the wave of attacks against partypoker ceased, a new wave of apparent DDoS attacks began targeting PokerStars. That attack wave started on August 12; Stars has not confirmed that these were explicitly DDoS attacks, but the recurring and intermittent nature of the “technical issues,” including forced disconnections affecting legitimate players, bears all the hallmarks of another DDoS attack.

Like partypoker and a third, smaller network (the Winning Poker Network) that also suffered several waves of DDoS attacks earlier in August, PokerStars has attempted to keep its players informed on the situation via social media.

“Apologies to all our players for the recent issues on PokerStars,” reads one of the site’s official Twitter posts, after nearly two days of the “technical issues.” “The players affected by this morning’s issues have already been credited & we aim to refund players affected by yesterday’s problems, with their equity at the time of disconnection, within 72 hours.”

Extortion central to most DDoS attacks

Modern DDoS attacks typically employ tens or hundreds of thousands of “zombie” computers — virus-laden devices scattered around the globe — that are commanded in harmony to send data requests to the targeted site to slow traffic to a crawl and make it useless for gambling-business activities. The “DDoS” moniker is commonly used to label several different forms of traffic-based online attacks designed to cripple the target site’s activity.

DDoS attacks have been an intermittent but occasionally recurring threat that has existed since online gambling’s earliest days. Similar attacks have targeted other forms of online commerce as well. Extortion, in the form of a promise to halt the attacks when the target pays a ransom to the attacker or attackers, is the most common motive behind the attacks.

One twist frequently seen in recent years is a demand by the blackmailers that payments be made in hard-to-trace cryptocurrencies such as Bitcoin. Whether a site victimized by an attack has made such a payment is virtually never disclosed in public, especially by publicly-traded firms. Most websites and networks impacted by such attacks incur heavy losses due to downtime and increased customer-service cost, but would rather incur that form of operating expense rather than give in to any kind of blackmail.