Joseph Garrison, one of the youths who staged cyber fraud involving DraftKings Sportsbook accounts in 2022, has pleaded guilty, accepting an 18-month prison sentence.

The 19-year-old was involved in a credential surfing attack. Along with other conspirators Garrison exploited system vulnerabilities to steal $600,000 from DraftKings users whose credentials had been stolen in other data breaches.

In total, over 1,600 sports betting accounts were affected. Garrison allegedly bragged to friends about the cyberattack, telling them that “fraud is fun.”

The cyberattack not only hurt many victims but also undermined confidence in DraftKings’ ability to protect its customers. As a result, the young man had to receive a sentence that reflected the caliber of the crime. According to attorney Damian Williams, “The sentencing underscores the urgent need for vigilance and the critical importance of our collective efforts in combating cyber threats and safeguarding digital integrity.”

Garrison Will Spend 3 Years on Supervised Release

As mentioned, Garrison is set to serve 18 months in prison. Following that, he will spend three years on supervised release.

In addition to his time in prison, Garrison will have to pay $1.3 million in restitution and $175,000 in forfeiture.

The DraftKings incident, however, is not the only time Garrison has been involved in legal trouble. The young man currently has a legal matter in Wisconsin where he allegedly used Bitcoin to pay another party that would call in several bomb threats to his school.

Two of Garrison’s Co-Conspirators Were Arraigned

In the meantime, Nathan Austad and Kamerin Stokes, two of Garrison’s alleged conspirators, were just arrested and arraigned. The latter allegedly paid Garrison to gain access to DraftKings Sportsbook accounts and then re-sold them online.

Austad, on the other hand, leveraged artificial intelligence to promote a shop of stolen user accounts. In addition to that, he allegedly managed cryptocurrency wallets that received approximately $465,000 in proceeds from credential-stuffing attacks and the sale of compromised data.

As a result of their alleged participation in the conspiracy, the two youths risk up to 20 years in prison.

The post Youth to Serve 18 Months in Prison for DraftKings Cyber Fraud appeared first on Keno Wizard.

According to the Justice Department, a coalition of law enforcement agencies in Europe and the United States has been able to foil the plans of the hacker organization which launched a series of attacks on the hospitality and gaming sector in the USA, and notably targeted gaming and hospitality company MGM.

Hackers Mount Debilitating Attacks Against Gaming and Hospitality Sector

Back in September, a piece of software called Alphv caused a temporary shutdown of operations at the company, suspending anything from hotel keycards to email systems, to blocking virtually every function that was controlled through a digital system, which, in a highly centralized multi-million business, is pretty much most of it.

MGM has reported losses of up to $100 million because of this attack, although the Q3 results of the company stood strong, and although they acknowledged the tally, no profound impact was felt on the operator’s financial outlook.

The attacks sustained by MGM and other parties involve a special encryption virus to lock away victims’ data and demand ransom to release the files. Many victims have caved in and paid the money, but some stood tall and let the competent authorities sort the mess.

This is understandable as hackers threaten to publish sensitive information and continue to deny access to the information unless their demands are met. Now, though, the FBI has worked out a decryption tool that can crack through the code and release data, essentially allowing any victim to use the key to access their information and clear up Alphv from their system.

Yet, this does not completely eliminate the issue of sharing private data online, although most companies notify their clients about the breach and advise them to be extra cautious and check their credit histories in case a bad actor is misusing their private data.

Alphv Is No More, But Threat Remains Unchanged

However, authorities have been working on the matter with Alphv’s official website, once used to publicly threaten victims, now having been overtaken by law enforcement.

The FBI has confirmed that it uses sources within the cyber community to help guide its investigation and ensure that it is adequately prepared to counter the dangers that arise from such attacks. Yet, the risks for the gaming and hospitality industry are growing as international groups are coming together to secure common goals such as accessing sensitive information.

The group behind Alph is believed to be Russian, or at least Russian-speaking and residing in the country, where Western law enforcement agencies have no jurisdiction. In this case, though, the group is said to have partnered with English-speaking hackers, which is rare for operations of this kind, as cross-border cooperation exposes hackers to vulnerabilities and leaks.

MGM has mostly absorbed the attack, and despite the newly posed threat that are hackers who specifically target the gaming and hospitality sector, analysts are fairly confident that markets are unlikely to falter in the face of such incidents.

The post FBI Claps Back at MGM Cyber Criminals with Decryption Tool appeared first on Keno Wizard.

The largest technical standards development organization focused on creating standards for the global gaming industry, the International Gaming Standards Association (IGSA), announced it forged a new committee that seeks to elevate the standards for cybersecurity. Confirmation about the new Cyber Resiliency Committee (CRC) came Thursday and it comes amid an increasing concern about a growing number of cybersecurity threats and issues.

IGSA confirmed that the new Committee is supported by experts within the gambling sector and recognizable companies, including AXES.ai, Light & Wonder, as well as Aristocrat Technologies. Ultimately, the CRC is expected to help develop standards for cybersecurity governance, cyber risk management, as well as a framework control standard for the gambling sector and operators within the sector.

The announcement about the new Committee comes after earlier this year, IGSA announced the development of a Responsible Gaming Committee (RGC) in an effort to elevate responsible gambling standards and help reduce problem gambling. At the time of the announcement, IGSA revealed that the RGC will help its members better tackle problem gambling and strengthen their responsible gaming efforts.

The New Initiative Brings Excitement

Peter DeRaedt, IGSA’s president, spoke about the recently created CRC, revealing that it represents the efforts of the Association to develop a cyber standard that protects the gambling sector. He outlined that the new Committee is developed with the efforts of Gold and Platinum IGSA members.

Moreover, DeRaedt added: “This committee will solicit experts within our membership to create ready-to-use standards to improve cyber resilience.” Finally, he thanked IGSA’s chairman, Earle G. Hall, for accepting the role of interim chair of the CRC.

“IGSA is being called to lead a concerted effort to create cyber standards to protect our industry and that is exactly what we will do thanks to the incredible leadership within our Platinum and Gold members.“

Peter DeRaedt, president of IGSA

Hall, who also serves as the CEO of AXES.ai and chairman of IGSA, added that it is great to see members of the Association join forces to address a number of rising cybersecurity issues for the gambling sector. “Our members are clear that cybersecurity has to be a top priority for all gaming suppliers in our industry to protect operators and our industry at large,” he added. Finally, he thanked Light & Wonder and Aristocrat for their efforts in this initiative.

Earlier this year, IGSA announced the creation of its Ethical AI Committee. This was another effort by the Association to improve the gambling sector as a whole in addition to other important initiatives.

The post IGSA Confirms Creation of Cyber Resiliency Committee appeared first on Keno Wizard.