Winamax Latest to Succumb to Online Poker DDoS Attacks
The online poker industry has been plagued with distributed denial of service (DDoS) attacks in the past several months. While hacking attempts have happened in past years occasionally, the latest string of attacks has been more concentrated and focused. Licensed and unlicensed sites alike have been targeted with such strength that play has been disrupted for days at a time, sometimes longer.
There are many theories as to the reasons for the attacks, but there seems to be little coordination except that all of the sites are top online poker providers. The DDoS attacks clearly disrupted several tournament series for sites like PokerStars, PartyPoker, and 888poker, but the same cannot be said for the most recent target, Winamax.
All in all, the multi-faceted attacks on Winamax, the leading online poker site in the French market, put the tally of sites on the target list up to eight. According to Nick Jones of Poker Industry PRO, those eight operators are in the top 10 in the world.
Top 10 online poker networks by cash game traffic, and whether they have been hit with a confirmed DDoS ☠️or not👌in last two months:
☠️PokerStars
👌IDN
☠️PokerStars EU
☠️partypoker
☠️Winamax
☠️GG Network
👌Bodog
☠️888
☠️WPN
☠️PokerStars Italy https://t.co/YV7OmeOPce— Nick Jones (@pokerprojones) September 24, 2018
It is clear that this is no coincidence.
Winamax Disrupted
It happened to Winamax. The French-based online poker operator was the target of multiple cyberattacks last weekend and issued a statement. Numerous games were cancelled as players were disconnected from their cash game and tournament action and unable to reconnect. The operator realized the problem but could not stave off the attack for several days.
The notice was pushed out to players on multiple platforms, including Twitter, in both English and French. It read, in part, as follows:
“These malicious acts (called DDoS in computer jargon) are unfortunately common on the internet and are completely out of our control. These only affect a very small amount of players; the majority of players stay connected and can continue to play as normal. However, in order to keep proceedings fair, and in order for the disconnected players to not be put in an unfavourable position compared to the players who can continue playing, Winamax voluntarily interrupts all tournaments.
“Neither the quality of Winamax servers nor the quality of our cyber security are called into question because of these attacks. They have no impact on the players’ data or funds, which are completely secure.
“Players who have been affected by the stoppage will be fully reimbursed according to article 3.2 of our poker terms and conditions. Reimbursement will be automatic; you will not need to take any further action.
“Preventing this kind of situation from ever recurring is our technical team’s number one priority.
“We apologise for the issues caused throughout the weekend, and thank you for your patience and understanding.”
[IMPORTANT] Information concernant les perturbations de ce week-end sur Winamax. pic.twitter.com/vqIKm7B08c
— Winamax Poker 🔞 (@Winamax) September 23, 2018
August and September Attacks
It was only weeks ago that 888poker fell victim to DDoS attacks, which were identified as such but not before disrupting nearly a week of cash games and tournaments, including many events in the final portion of the 888poker ChampionChips series.
As with most of the attacks, those affecting 888poker players began during the week but continued through a weekend. Since Sunday is the busiest day on most online poker sites, the attackers seem to find ways to carry the incidences on through that day of the week.
The 888poker attacks followed DDoS incidents that targeted PokerStars, PartyPoker, and Americas Cardroom, as well as the entire Winning Poker Network and the GG Network, the latter of which consists of mostly Asia-facing sites. All of the operators recognized the signs of the DDoS attack rather quickly, though they varied in the timing of their public responses and ability to stop the cyberattacks.
Why Online Poker?
Since all of the major sites seem to have been affected in the past couple of months, it is unlikely that any of the operators participated in orchestrating the attacks, as some have speculated. While IDN and Bodog are the only top 10 operators not yet targeted, they could very well have staved off attacks or be facing their own DDoS problems in the near future.
Sites that are publicly-traded and ones that are registered only as offshore sites have all been victims. And it seems that all of the operators were affected on or through a weekend of poker action, the costliest time for each of them to have to reimburse customers. However, none of the operators have admitted to being faced with a ransom request or paying said ransom.
A DDoS attack consists of the perpetrator incessantly sending large amounts of traffic to IP addresses, which can quickly overwhelm a server, especially when coming from multiple sources at once. And at the point that an attack begins, it becomes very difficult to stop it. That leaves the best solution as implementing resources to prevent the attacks in the first place. There are articles upon articles on the internet pertaining to such prevention options, but it is likely that most poker operators online are already familiar with them. Sites like PokerStars would likely take every available precaution to prevent cyberattacks, so it is unclear what – if anything – further could be done.
For now, all online poker operators are on high alert, especially ones that have yet to be targeted.
