PokerStars: DDoS/Hacks - a perspective

According to "bitnox," his brother's account was hacked for $100, and he says PS confirmed this, but refused to pay back the money. Being his first post at Cardschat, I was a bit suspicious of its content, but, in the end, I gave him the benefit of the doubt. That's just my way of saying, "Welcome to Cardschat". I also didn't want anything to happen to my funds, so I investigated.

My plan was to talk with savvy friends about recent cyber attacks. I did, and the first thing they told me was to forget about poker sites attacking one another, or about ex-employees sabotaging their former working sites. That was nonsense. They said the scale of recent attacks indicated heavy digital resources, the likes of which, and to which, states or highly organized groups like cartels and crime syndicates have access.

My friends said DDoS attacks served many purposes other than disrupting on-goings at poker sites like PS, ACR, PP and 888, et al. But, they promised to keep me focused, so that was a talk we would explore at another time. DDoS attacks disrupted services and crashed tournaments at PS, but "bitnox" said his brother lost money already in his account, implying an extra kind of attack, one less likely committed by a state actor and more likely done by a criminal/criminal element.

If you think about it, however unlikely my friends thought it to be, this action also opened the possibility of two actors working together, or two separate actors working apart but over the same period of time with their own individual agendas - one being disruption caused by a state actor (for example Russia, Iran, North Korea, or China, as warned by South Korean intelligence, etc./DDoS), and the other being theft caused by criminals/criminal elements, etc. - profit.

Experts spoke about cyber attacks at the TechCrunch Disrupt conference in San Francisco in 2017. They referred to attacks happening at that time as "the tip of the iceberg," and with an eye toward the future, said "...avoiding cyber hackers is nearly impossible regardless of security measures..." Its author, with hacking in mind, stated "prevention is not a cure" - likely meaning there will be successful attacks in years ahead no matter what steps are taken with mitigation. In other words, the rest of the icebergs flow this way.

My friends agreed with TechCrunch that all online poker sites are targets now and in future, and that all defenses are beatable through direct attack or by circumvention in particular because it is not always necessary to attack a site to get what predators want. It's only necessary to isolate the site, control the internet routes into and out of it, and to demand payment to lift what essentially becomes a digital siege - with or without the overwhelming impact of bots. In which case, DDoS attacks are exercises in sheer power to which the expected response by besieged sites would be to surrender, submit and pony up ransoms. This methodology can't be discounted, and is probably similar to what recently happened to PS, et al!? At times, my friends said, just the threat of such attacks gets predators what they want, most effectively where repeatedly paying targets are concerned, as such a good reason to not really harm the victim. My friends used this explanatory analogy, but had no way of knowing if really there had been contact between predators and recent victims about ransoms. The attacks, although specifically timed, appeared intermittent, but deliberately so. They believed this methodology explained the lack of access difficulties victimized sites endured.

My friends didn't forget "bitnox" either. Taken in good faith, his claims offer testimony that more than DDoS attacks possibly take place at PS - especially credible when state and criminal actors with separate agendas are known to be active. I'm not puzzled by the reaction PS had to hacking inquiries. What troubled my friends was that PS admitted DDoS attacks disrupted recent tournaments, but said nothing about the hacking of client accounts. Maybe, this was because the DDoS attacks were so publicly traumatic that PS had no choice but to say, and to do, something, anything. By the claims of "bitnox," by his brother's experience, hacking might be a fact of life at PS. When his claims on Cardschat were sent to PS for study and clarification, the response was that the e-mails had been forwarded to the team handling the issue, a reply insightful enough to point to knowledge about, and organization around, hacking - read attempted mitigations.

My friends remain concerned since, after more than a week's waiting, they have yet to hear from the PS team on the matter. Granted, PS has a duty towards confidentiality, but with fast communications, its silence on hacking is suspect. They concluded clients shouldn't expect any word from PS on hacking because, to be fair to the site, it's trying to protect its mitigation parameters, platform, profits, clients, activities and reputation - and because, oh, darn it, I forgot not to tell you, there's a big investigation going on.