1 / 24

Cheating and Cybercrimes @ Gambling Sites.Com

Cheating and Cybercrimes @ Gambling Sites.Com. John McMullan, PhD Saint Mary’s University Aunshul Rege, PhD Student Rutgers University. Internet Gambling. Proliferation of cybercrimes @ gambling sites; yet little research done

vicki
Download Presentation

Cheating and Cybercrimes @ Gambling Sites.Com

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cheating and Cybercrimes @ Gambling Sites.Com John McMullan, PhD Saint Mary’s University Aunshul Rege, PhD Student Rutgers University

  2. Internet Gambling • Proliferation of cybercrimes @ gambling sites; yet little research done • Wood & Griffith (2008) – cheating & perceptions of poker players; American Gaming Association (2006) – cheating & perceptions of internet casino players; McMullan & Rege (2007) – cyberextortion & internet gambling; CERT-LEXSI (2006) – organized crime & internet gambling • No systematic mapping of relationships between internet gambling and criminal behaviour or cheating • This presentation covers: • Types of cheating and cybercrimes • Techniques of cheating and cybercrimes • Organizational dynamics of cheating and cybercrimes • Legal challenges of cybercrimes

  3. Methods • 48 combinations of keywords • 10 page, 100 item cutoff; 4800 docs • Approx. 500 documents • 2000 to 2008 timeframe • Document Analysis • Availability (Internet & Library) • Accessibility • Internet (News sites; FinCEN; FATF) • Reports & White Papers (Internet Gambling Report IV; Game Developers; Gaming Commissions) • Academic Databases (Sociological Abstracts; EBSCO Academic Search Premier; ACM Digital Library • - Search Criteria • Technical skill • Tactical and strategic knowledge • Division of labour • Organizational traits of cybercrime • - Credibility • Authenticated websites • Triangulating sources • Registry of sources

  4. Diversity of cybercrime • We uncovered hundreds of examples of alleged cheats and crimes related to internet gambling • For purposes of this presentation, we focus on 24 case studies indexing the diversity of criminal conduct • Cheating (3): PokerSmoke; HoldemGenius; PartyPoker (JJProdigy) • Collusion (3): FullTiltPoker; AbsolutePoker; UltimateBet • Malware and botnets (2): CheckRaised; BrotherSoft • Software exploitation (2): Cryptologic; Texas Hold ‘Em • Fraud (2): MaxLotto; India Lottery Scam • Money laundering (3): BetWWTS; Giordano; Uvari • DDoS attacks (2): FullTiltPoker; TitanPoker • Cyberextortion (3): BetCris; Canbet; Multibet • Phishing and identity theft (4): Euromillion Espana; PartyPoker; Lucky7Lottery; Massachusetts State Lottery

  5. Approach • Internet crime is rational • Structured to enhance successful outcomes • Structured to manage problems of social control • Opportunity • Relations with victims • Detection • Prosecution • Sanction • Different types of organizations emerge to survive in the digital environment • Techno-nomads • Digital Associates • Criminal Assemblages

  6. Ten examples emphasizing some of the more complex criminal events • Cheating & Techno Nomads • PokerSmoke & HoldemGenius • Collusion & Digital Associates • AbsolutePoker & Ultimatebet • Identity Fraud & Criminal Networks • Euromillion Espana & PartyPoker • Cyberextortion & Criminal Networks • Betcris & Canbet • Money Laundering & Criminal Networks • Uvari Bookmaking Scheme & Giordano Group

  7. Cheating & Techno Nomads • AI programs • Hands-free, robotic poker player • Plays at level of a professional player in tournaments • Sophisticated Decision Engine • Advanced Neural Network Technology • Memorized opponents’ game styles, recognized betting patterns, calculated pot and hand odds – on auto-pilot!

  8. Cheating & Techno Nomads • Similar technology to PokerSmoke • Used in hundreds of online poker rooms to increase edge over other players • Fully functional website • Regular software upgrades • Online tutorials • Customer support

  9. Characteristics of Techno-nomads • Ranged in technical expertise: users, producers, marketers • Worked alone or on ‘contract’ • Underground economy: services, technical knowledge, digital loot, training, manufacturing • Anonymous • Avoided contact with victims • Impersonation • Surprise attacks • Escapist/ lived in digital shadows • Evasion & Avoidance of Law/Security

  10. Collusion & Digital Associates • Tokwiro and Kahwanake Commission • Player vigilance • NioNio’s win rate: $300,000 in 3,000 hands • Ten SD above average = winning one million dollar lottery six consecutive times • Nio Nio core of organized network of 19 super accounts using 88 virtual persons to cheat players for 43 months – May 04 – Jan 08.

  11. Collusion & Digital Associates (ctd) • Software code allowed systemic cheating and theft – take $25 mill US • Corporate Shell Game: Logic, Excapsa, Tokwiro, Blast Off Ltd. • 3 Super Accounts Connected to W.S.P winner and former founder of UltimateBet • (aka. allegedly Russ Hamilton) • Detection, Prosecution, Penalty

  12. Collusion & Digital Associates • Teams in both one-off or ongoing projects: fraud, theft, small-scale money laundering, seat stealing, and cheating scams • Tokwiro Enterprises and Kahnawake Gaming Commission • PotRipper aka A.J. Ripper aka allegedly to be A.J. Green (former executive) • Seven Superuser accounts • #363 aka allegedly to be Scott Tom (owner) – inside access • Real-time information sharing of hole cards • Stole b/w 0.5 and 1 mill in 6 weeks • Detection, Prosecution, and Compensation

  13. Other Digital Associates • Business crimes • Withholding winning revenue from players • Fraud by fabricating phantom websites and malware to deceive would be clients • Identity theft • Employee/workplace crimes • hacking into corporate data bases • selling gaming information, software, and algorithmic programs [BetonSports, Cryptologic] • small-scale organized crime • money laundering through botnet manipulations and chip dumping • online betting fraud [India 2007]

  14. Characteristics of Digital Associates • Working Crafts • Routinization • Impersonation/multiple identities • Multiple, simultaneous targeting of victims • Small takes • Efficient Modus Operandi • Effective Modus Vivendi: evading detection, avoiding punishment • Managing Risk with Victims • Size & density of sites, activities & users

  15. Identity Fraud & Crime Networks Euromillion Espana • Combined confidence cheating with identity theft • Multinational in scope • Valued at $200 mill. • OC groups in Spain, France, Australia, UK • Traditional tactics (social eng, fake docs) • Technological tactics (emails, fake sites) • Deceptive attack [tricked by fraudulent messages] • Malware attack [use of malicious code to retrieve personal information] • DNS attack [manipulate IP addresses to send personal information] • 300 members of crime networks eventually arrested by undercover operation • Yet crime networks remained regenerative

  16. Identity Fraud & Crime Networks Phishing Site Screenshot • Well-organized phishing scam • Created perfect replica of Party Poker site • Hosted site on their own illegal servers • Sent spoofed email warning of Impact of new gambling law onPartyPoker users • Link to cloned site • Log in w/ personalinformation • ID theft; playerimpersonation;playing credit theft; digital data black marketing

  17. Cyberextortion & Crime Networks • Between 2000 and 2006, hundreds of gambling sites targeted for hundreds of millions of dollars • British bookmakers alone in 2004 lost over $70 mill. to cyberextortion groups • DDoS attacks; digital shakedowns • Network Organization – organizers; extenders; executors • Lateral networked structures: • regenerative characteristics • minimum personal contacts • virtual recruitment via online mediums - dispersed automatic hierarchy of authority - top-down compartmentalization operation - fluid flexible modus operandi

  18. Tax Evasion, Avoidance & Crime Networks Computer Emergency Response Team - Laboratoire d'EXpertise en Sécurité Informatique (CERT-LEXSI) (2006). Online Gaming Cybercrime: CERT- LEXSI’S White Paper, July 2006.

  19. Tax Evasion, Avoidance & Crime Networks • Uvari Group • Illegal gambling • Criminal members scattered globally • Intermediary between gamblers and sport betting companies • Use of virtual and terrestrial Sites • Uvari group opened accounts for players in offshore markets – Isle of Man, Curacao, etc • Traded player identities for incentives, bonuses, and tax benefits • Created hundreds of dummy accounts in Uvari names – tax evasion for players on wins and tax deductions for losses for Uvari members on dummy accounts • Family bonds & entrepreneurial ties • Flat; networked structure; no hierarchy

  20. Money Laundering & Crime Networks Gambling sites as laundering enterprises • Used shell corporations & bank accounts worldwide [Central America, Caribbean, and Hong Kong] to clean illicit capital • playwithal.com • 40,000 customer accounts were used to move money through gambling sites to offshore banks • Family affair • Giordano (organizer) • son-in-law (controller) • Wife & daughter (finances) • Other members • Clerks; runners; enforcers

  21. Characteristics of Crime Networks • Structured as businesses • Global in scope and modus operandi • More complex division of labour • Greater organizational prominence and persistence • Substantial financial takes and more complicated modus operandi • Dot.cons networks = international pods of loosely connected groups • Networks as nodal ‘contact points’ for crimes • Rhizomatic structures/regenerative • Yet crime assemblages were higher risk events: fusion of internet galaxy and terrestrial world • Greater police ad private security interest • The ‘dialectics’ of techno-war: opportunity reduction remedies vs. counter detection measures • Private ‘fiefdoms’ of security vs. industry-wide security • The rise of ‘civilian strikeback’ measures

  22. Legal Challenges • Revise standard laws • Up-to-date technically • Enact legal definitions for virtual environments • Harmonize definitions within nation states • Harmonize Legal Matters Across Jurisdictions • Legal definitions • Licensing agreements • Evidence Admissibility • On-site audits/inspections

  23. Legal Challenges (ctd) • Strengthen Transborder Enforcement • Unified Legal Permissions • Harmonize policing standards re: search & seizure, intangible data, warrants, notifications, and storage of evidence • Calibrate judicial approvals for the management and execution of intercepted data and decrypted data so as to permit wide use in multilateral contexts • Improve ‘market solutions’ to cybercrime • Extend & rationalize relations between public and private security • Create industry-wide benchmarks for cybersecurity that are cost-effective and applicable to all • Establish new modified legal environments to galvanize better technical preventative market-driven crime solutions

  24. Thank youQuestions? John McMullan, PhD Saint Mary’s University Aunshul Rege, PhD Student Rutgers University

More Related