Risk
6/28/2010
08:17 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Hackers Busted In Online Poker Cheats

Korean police nabbed 33 hackers who were using bots to cheat online poker players from November 2009 through May of this year.

Korean police nabbed 33 hackers who were using bots to cheat online poker players from November 2009 through May of this year.I've heard of targeted cyber attacks, but this isn't something I'd previously considered: using botnet bots not to launch denial-of-service attacks, but to spy the hands of opposing card players.

This is from a story that ran in today's JoonAng Daily:

The Cyber Terror Response Center in Gyeonggi said the gang used a DDOS attack to infect 11,000 computers at 700 PC rooms across the country.

Police said Yu bought the "Netbot Attacker" program from a Chinese hacker last November, then sold copies online to Kim and others. The gang broke into the administrative systems of the PC rooms and installed the virus in their computers to allow them to see the hands of poker opponents.

According to the story, the 33 hackers cheated online poker players out of 55 million won, the equivalent on about $45,265. I'm sure the reporter meant that the attacker's used bots designed for DDOS attacks to infect the PCs, not that the PCs were infected through a DDOS attack.

Now, these bots are commonly used to launch attacks that swamp Web sites and servers with so much traffic that they can't keep up with requests and either become painfully slow or crash until the attack can be stopped or mitigated. However, one an end point is infected with a bot, that bot can be often used to download other types of attack software, or do other things on the system: which is apparently what these attackers chose to do with their poker cheats.

Online gaming is a popular target for online attacks, but usually it's the gaming site owner that is targeted, not the players. I wrote about such attacks in a story, Extortion Online, in late 2004.

In those threats, botnet operators were threatening to use their networks to make the gaming sites unavailable - unless they were paid $100,000 annually.

For my security and technology observations throughout the day, find me on Twitter.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4774
Published: 2015-05-25
Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 allows remote attackers to hijack the authentication of arbitrary users via vectors involving a FRAME element.

CVE-2014-4778
Published: 2015-05-25
IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote attackers to conduct clickjacking attacks via vectors involving a FRAME element.

CVE-2014-6190
Published: 2015-05-25
The log viewer in IBM Workload Deployer 3.1 before 3.1.0.7 allows remote attackers to obtain sensitive information via a direct request for the URL of a log document.

CVE-2014-6192
Published: 2015-05-25
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix10, 6.0.5 before 6.0.5.6, and 6.0.5.5a before 6.0.5.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-8926
Published: 2015-05-25
Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a cr...

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.