Webscraping allows hackers to hit online gambling sites with botnets

Online gambling sites are being hit by hackers who are using botnets that fix the odds to ensure large winnings.
 

Guri Geva, regional director for the UK, Northern Europe and Israel at Radware, claimed that by using scripts, scammers are simulating the actions of legitimate gamblers and gathering information that can be used to increase the odds of winning bets.

Since the scripts simulate real user behaviour, they are very hard to track by regular security tools and can even be used for money laundering purposes.

Geva said: “Online gambling is all based on the web, so hackers can go in and use ‘web scraping' tactics to take the details. They will use bots to grab the odds and use arbitration systems to play the odds at a better level that will mean that they are guaranteed to win.

“They are using the bot to simulate a user: they collect the odds, arbitrate and gamble and it is very hard to track by standard security tools as the way that it works simulates regular user activity.

“The hacker can use the bot to manipulate the odds to improve the winning margin; it can also measure times so it can hit the site when it is at its busiest, going as undetected as possible.”

With the online gambling industry predicted to be worth $125 billion by 2015, this could become a major issue for the gambling industry. However, Geva claimed that the problem can be countered by enabling the sites to detect scam attacks as they happen through transparent real time analysis of user behaviours.

“Webscraping is going on all of the time; it can steal information from a website, put the details on to another and redirect people to it. This can lead to fraud and even phishing, you could blacklist IP addresses but that will require a lot of time”, said Geva.

See original article on scmagazineuk.com