Risk
6/28/2010
08:17 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Hackers Busted In Online Poker Cheats

Korean police nabbed 33 hackers who were using bots to cheat online poker players from November 2009 through May of this year.

Korean police nabbed 33 hackers who were using bots to cheat online poker players from November 2009 through May of this year.I've heard of targeted cyber attacks, but this isn't something I'd previously considered: using botnet bots not to launch denial-of-service attacks, but to spy the hands of opposing card players.

This is from a story that ran in today's JoonAng Daily:

The Cyber Terror Response Center in Gyeonggi said the gang used a DDOS attack to infect 11,000 computers at 700 PC rooms across the country.

Police said Yu bought the "Netbot Attacker" program from a Chinese hacker last November, then sold copies online to Kim and others. The gang broke into the administrative systems of the PC rooms and installed the virus in their computers to allow them to see the hands of poker opponents.

According to the story, the 33 hackers cheated online poker players out of 55 million won, the equivalent on about $45,265. I'm sure the reporter meant that the attacker's used bots designed for DDOS attacks to infect the PCs, not that the PCs were infected through a DDOS attack.

Now, these bots are commonly used to launch attacks that swamp Web sites and servers with so much traffic that they can't keep up with requests and either become painfully slow or crash until the attack can be stopped or mitigated. However, one an end point is infected with a bot, that bot can be often used to download other types of attack software, or do other things on the system: which is apparently what these attackers chose to do with their poker cheats.

Online gaming is a popular target for online attacks, but usually it's the gaming site owner that is targeted, not the players. I wrote about such attacks in a story, Extortion Online, in late 2004.

In those threats, botnet operators were threatening to use their networks to make the gaming sites unavailable - unless they were paid $100,000 annually.

For my security and technology observations throughout the day, find me on Twitter.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9676
Published: 2015-02-27
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free.

CVE-2014-9682
Published: 2015-02-27
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.

CVE-2015-0655
Published: 2015-02-27
Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.

CVE-2015-0884
Published: 2015-02-27
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

CVE-2015-0885
Published: 2015-02-27
checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.