McMullan AGRI Conference 2009

8/8/2019 McMullan AGRI Conference 2009

http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 1/24

Cheating and Cybercrimes@ Gambling Sites.Com

John McMullan, PhDSaint Mary·s University

Aunshul Rege, PhD StudentRutgers University



Internet Gambling

Proliferation of cybercrimes

@ gambling sites; yet little

research done

Wood & Griffith (2008) ² cheating & perceptions of poker players;

American Gaming Association (2006) ² cheating & perceptions of internet casino players; McMullan & Rege (2007) ² cyberextortion &

internet gambling; CERT-LEXSI (2006) ² organized crime & internet

gambling

No systematic mapping of relationships between internet gambling and

criminal behaviour or cheating This presentation covers:

² Types of cheating and cybercrimes

² Techniques of cheating and cybercrimes

² Organizational dynamics of cheating and cybercrimes ² Legal challenges of cybercrimes



Methods

48 combinations of keywords 10 page, 100 item cutoff; 4800 docs Approx. 500 documents 2000 to 2008 timeframe

Document Analysis ² Availability ( Internet & Library) ² Accessibility

Internet (News sites; FinCEN;FATF)

Reports & White Papers ( I

nternetGambling Report IV ; GameDevelopers; Gaming Commissions)

Academic Databases (Sociological

Abstracts; EBSCO Academic SearchPremier; ACM Digital Library

- Search Criteria Technical skill

Tactical and strategic knowledge Division of labourOrganizational traits of cybercrime

- Credibility Authenticated websites

Triangulating sources

Registry of sources



Diversity of cybercrime

We uncovered hundreds of examples of alleged cheats and crimes related tointernet gambling

For purposes of this presentation, we focus on 24 case studies indexing thediversity of criminal conduct

Cheating (3): PokerSmoke; HoldemGenius; PartyPoker (JJProdigy) Collusion (3): FullTiltPoker; AbsolutePoker; UltimateBet

Malware and botnets (2): CheckRaised; BrotherSoft

Software exploitation (2): Cryptologic; Texas Hold ¶Em

Fraud (2): MaxLotto; India Lottery Scam

Money laundering (3): BetWWTS; Giordano; Uvari DDoS attacks (2): FullTiltPoker; TitanPoker

Cyberextortion (3): BetCris; Canbet; Multibet

Phishing and identity theft (4): Euromillion Espana;PartyPoker; Lucky7Lottery; Massachusetts State Lottery



Approach Internet crime is rational

Structured to enhance successful outcomes

Structured to manage problems of social control

² Opportunity

² Relations with victims ² Detection

² Prosecution

² Sanction

Different types of organizations emerge to survive in the digitalenvironment

² Techno-nomads

² Digital Associates

² Criminal Assemblages



Ten examples emphasizing someof the more complex criminalevents

Cheating & Techno Nomads

² PokerSmoke & HoldemGenius Collusion & Digital Associates

² AbsolutePoker & Ultimatebet

Identity Fraud & Criminal Networks

² Euromillion Espana & PartyPoker Cyberextortion & Criminal Networks

² Betcris & Canbet

Money Laundering & Criminal Networks

² Uvari Bookmaking Scheme & Giordano Group




AI programs

Hands-free, robotic poker player

Plays at level of a professional player in tournaments

Sophisticated Decision Engine

Advanced Neural Network Technology Memorized opponents· game styles, recognized betting

patterns, calculated pot and hand odds ² on auto-pilot!




Similar technology to PokerSmoke

Used in hundreds of online pokerrooms to increase edge over otherplayers

Fully functional website

Regular software upgrades Online tutorials

Customer support



Characteristics of Techno-nomads

Ranged in technical expertise: users, producers,

marketers

Worked alone or on ¶contract·

Underground economy: services, technical

knowledge, digital loot, training,manufacturing

Anonymous

Avoided contact with victims

Impersonation

Surprise attacks

Escapist/ lived in digital shadows

Evasion & Avoidance of Law/Security



Collusion & Digital Associates

Tokwiro and Kahwanake Commission

Player vigilance

NioNio·s win rate: $300,000 in 3,000 hands

Ten SD above average = winning onemillion dollar lottery six consecutive times

Nio Nio core of organized network of 19super accounts using 88 virtual persons tocheat players for 43 months ² May 04 ² Jan08.



Collusion & Digital Associates (ctd)

Software code allowed systemic cheating and theft ² take $25 mill US

Corporate Shell Game: Logic, Excapsa, Tokwiro, Blast Off Ltd.

3 Super Accounts Connected to W.S.P winner and former founder of UltimateBet

(aka. allegedly Russ Hamilton)

Detection, Prosecution, Penalty



Collusion & Digital Associates Teams in both one-off or ongoing projects: fraud, theft, small-

scale money laundering, seat stealing, and cheating scams

Tokwiro Enterprises and Kahnawake Gaming Commission

PotRipper aka A.J. Ripper aka allegedly to be A.J. Green

(former executive) Seven Superuser accounts

#363 aka allegedly to be Scott Tom (owner) ² inside access

Real-time information sharing of hole

cards Stole b/w 0.5 and 1 mill in 6 weeks

Detection, Prosecution, and Compensation



Other Digital Associates Business crimes

² Withholding winning revenue from players

² Fraud by fabricating phantom websites and malware to deceive wouldbe clients

² Identity theft

Employee/workplace crimes

² hacking into corporate data bases

² selling gaming information, software, and algorithmic programs[BetonSports, Cryptologic]

² small-scale organized crime

² money laundering through botnet manipulations and chip dumping

² online betting fraud [ India 2007]



Characteristics of Digital Associates Working Crafts

Routinization

Impersonation/multiple identities

Multiple, simultaneous targeting of victims

Small takes

Efficient Modus Operandi

Effective Modus V ivendi: evading detection, avoiding punishment

Managing Risk with V ictims

Size & density of sites, activities & users



Identity Fraud & Crime NetworksEuromillion Espana

Combined confidence cheating with identity theft

Multinational in scope

V alued at $200 mill.

OC groups in Spain, France, Australia, UK

Traditional tactics(social eng, fake docs)

Technological tactics(emails, fake sites)

Deceptive attack [tricked by fraudulent messages] Malware attack [use of malicious code to retrieve personal information] DNS attack [manipulate IP addresses to send personal information] 300 members of crime networks eventually arrested by undercover operation Yet crime networks remained regenerative



Identity Fraud & Crime Networks Well-organized phishing scam Created perfect replica of Party

Poker site

Hosted site on their own illegalservers

Sent spoofed email warning of Impact of new gambling law onPartyPoker users

Link to cloned site

Log in w/ personalinformation

² ID theft; playerimpersonation;playing credit theft; digital data

black marketing

Phishing Site Screenshot



Cyberextortion & Crime Networks Between 2000 and 2006, hundreds of gambling sites targeted for hundreds of

millions of dollars

British bookmakers alone in 2004 lost over $70 mill. to cyberextortion groups

DDoS attacks; digital shakedowns

Network Organization ² organizers; extenders; executors

Lateral networked structures:

² regenerative characteristics

² minimum personal contacts

² virtual recruitment via online mediums

- dispersed automatic hierarchy of authority

- top-down compartmentalization operation

- fluid flexible modus operandi



Tax Evasion, Avoidance & Crime Networks

Computer Emergency Response Team - Laboratoire d'EXpertise en Sécurité Informatique (CERT-LEXSI ) (2006).Online Gaming Cybercrime: CERT- LEXSI·S White Paper , July 2006.



Tax Evasion, Avoidance & Crime Networks

Uvari Group Illegal gambling

Criminal members scattered globally

Intermediary between gamblers and sport betting companies

Use of virtual and terrestrial Sites Uvari group opened accounts for

players in offshore markets ² Isle of Man, Curacao, etc

Traded player identities for incentives, bonuses, and tax benefits

Created hundreds of dummy accounts in Uvari names ² taxevasion for players on wins and tax deductions for losses for Uvarimembers on dummy accounts

Family bonds & entrepreneurial ties

Flat; networked structure; no hierarchy



Money Laundering & Crime Networks

Used shell corporations & bank accounts worldwide [Central America, Caribbean, and Hong Kong] to clean illicit capital

playwithal.com

² 40,000 customer accounts were used to move money throughgambling sites to offshore banks

Family affair

² Giordano (organizer)

² son-in-law (controller) ² Wife & daughter (finances)

Other members

² Clerks; runners; enforcers

Gambling sites as laundering enterprises



Characteristics of Crime Networks

Structured as businesses

Global in scope and modus operandi

More complex division of labour

Greater organizational prominence and persistence

Substantial financial takes and more complicated modus operandi

Dot.cons networks = international pods of loosely connected groups

Networks as nodal ¶contact points· for crimes

Rhizomatic structures/regenerative

Yet crime assemblages were higher risk events: fusion of internet galaxy and

terrestrial world Greater police ad private security interest

The ¶dialectics· of techno-war: opportunity reduction remedies vs. counterdetection measures

Private ¶fiefdoms· of security vs. industry-wide security

The rise of ¶civilian strikeback· measures



Legal Challenges

Revise standard laws ² Up-to-date technically

² Enact legal definitions for

virtual environments ² Harmonize definitions within nation states

Harmonize Legal Matters Across Jurisdictions ² Legal definitions

² Licensing agreements

² Evidence Admissibility

² On-site audits/inspections



Legal Challenges (ctd) Strengthen Transborder Enforcement

² Unified Legal Permissions

² Harmonize policing standards re: search & seizure, intangibledata, warrants, notifications, and storage of evidence

² Calibrate judicial approvals for the management andexecution of intercepted data and decrypted data so as topermit wide use in multilateral contexts

Improve ¶market solutions· to cybercrime

² Extend & rationalize relations between public and private

security ² Create industry-wide benchmarks for cybersecurity that are

cost-effective and applicable to all

² Establish new modified legal environments to galvanize

better technical preventative market-driven crime solutions



Thank you

Questions?

John McMullan, PhDSaint Mary·s University

Aunshul Rege, PhD StudentRutgers University

Documents

McMullan AGRI Conference 2009