Post on 10-Apr-2018
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 1/24
Cheating and Cybercrimes@ Gambling Sites.Com
John McMullan, PhDSaint Mary·s University
Aunshul Rege, PhD StudentRutgers University
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 2/24
Internet Gambling
Proliferation of cybercrimes
@ gambling sites; yet little
research done
Wood & Griffith (2008) ² cheating & perceptions of poker players;
American Gaming Association (2006) ² cheating & perceptions of internet casino players; McMullan & Rege (2007) ² cyberextortion &
internet gambling; CERT-LEXSI (2006) ² organized crime & internet
gambling
No systematic mapping of relationships between internet gambling and
criminal behaviour or cheating This presentation covers:
² Types of cheating and cybercrimes
² Techniques of cheating and cybercrimes
² Organizational dynamics of cheating and cybercrimes ² Legal challenges of cybercrimes
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 3/24
Methods
48 combinations of keywords 10 page, 100 item cutoff; 4800 docs Approx. 500 documents 2000 to 2008 timeframe
Document Analysis ² Availability ( Internet & Library) ² Accessibility
Internet (News sites; FinCEN;FATF)
Reports & White Papers ( I
nternetGambling Report IV ; GameDevelopers; Gaming Commissions)
Academic Databases (Sociological
Abstracts; EBSCO Academic SearchPremier; ACM Digital Library
- Search Criteria Technical skill
Tactical and strategic knowledge Division of labourOrganizational traits of cybercrime
- Credibility Authenticated websites
Triangulating sources
Registry of sources
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 4/24
Diversity of cybercrime
We uncovered hundreds of examples of alleged cheats and crimes related tointernet gambling
For purposes of this presentation, we focus on 24 case studies indexing thediversity of criminal conduct
Cheating (3): PokerSmoke; HoldemGenius; PartyPoker (JJProdigy) Collusion (3): FullTiltPoker; AbsolutePoker; UltimateBet
Malware and botnets (2): CheckRaised; BrotherSoft
Software exploitation (2): Cryptologic; Texas Hold ¶Em
Fraud (2): MaxLotto; India Lottery Scam
Money laundering (3): BetWWTS; Giordano; Uvari DDoS attacks (2): FullTiltPoker; TitanPoker
Cyberextortion (3): BetCris; Canbet; Multibet
Phishing and identity theft (4): Euromillion Espana;PartyPoker; Lucky7Lottery; Massachusetts State Lottery
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 5/24
Approach Internet crime is rational
Structured to enhance successful outcomes
Structured to manage problems of social control
² Opportunity
² Relations with victims ² Detection
² Prosecution
² Sanction
Different types of organizations emerge to survive in the digitalenvironment
² Techno-nomads
² Digital Associates
² Criminal Assemblages
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 6/24
Ten examples emphasizing someof the more complex criminalevents
Cheating & Techno Nomads
² PokerSmoke & HoldemGenius Collusion & Digital Associates
² AbsolutePoker & Ultimatebet
Identity Fraud & Criminal Networks
² Euromillion Espana & PartyPoker Cyberextortion & Criminal Networks
² Betcris & Canbet
Money Laundering & Criminal Networks
² Uvari Bookmaking Scheme & Giordano Group
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 7/24
Cheating & Techno Nomads
AI programs
Hands-free, robotic poker player
Plays at level of a professional player in tournaments
Sophisticated Decision Engine
Advanced Neural Network Technology Memorized opponents· game styles, recognized betting
patterns, calculated pot and hand odds ² on auto-pilot!
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 8/24
Cheating & Techno Nomads
Similar technology to PokerSmoke
Used in hundreds of online pokerrooms to increase edge over otherplayers
Fully functional website
Regular software upgrades Online tutorials
Customer support
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 9/24
Characteristics of Techno-nomads
Ranged in technical expertise: users, producers,
marketers
Worked alone or on ¶contract·
Underground economy: services, technical
knowledge, digital loot, training,manufacturing
Anonymous
Avoided contact with victims
Impersonation
Surprise attacks
Escapist/ lived in digital shadows
Evasion & Avoidance of Law/Security
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 10/24
Collusion & Digital Associates
Tokwiro and Kahwanake Commission
Player vigilance
NioNio·s win rate: $300,000 in 3,000 hands
Ten SD above average = winning onemillion dollar lottery six consecutive times
Nio Nio core of organized network of 19super accounts using 88 virtual persons tocheat players for 43 months ² May 04 ² Jan08.
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 11/24
Collusion & Digital Associates (ctd)
Software code allowed systemic cheating and theft ² take $25 mill US
Corporate Shell Game: Logic, Excapsa, Tokwiro, Blast Off Ltd.
3 Super Accounts Connected to W.S.P winner and former founder of UltimateBet
(aka. allegedly Russ Hamilton)
Detection, Prosecution, Penalty
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 12/24
Collusion & Digital Associates Teams in both one-off or ongoing projects: fraud, theft, small-
scale money laundering, seat stealing, and cheating scams
Tokwiro Enterprises and Kahnawake Gaming Commission
PotRipper aka A.J. Ripper aka allegedly to be A.J. Green
(former executive) Seven Superuser accounts
#363 aka allegedly to be Scott Tom (owner) ² inside access
Real-time information sharing of hole
cards Stole b/w 0.5 and 1 mill in 6 weeks
Detection, Prosecution, and Compensation
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 13/24
Other Digital Associates Business crimes
² Withholding winning revenue from players
² Fraud by fabricating phantom websites and malware to deceive wouldbe clients
² Identity theft
Employee/workplace crimes
² hacking into corporate data bases
² selling gaming information, software, and algorithmic programs[BetonSports, Cryptologic]
² small-scale organized crime
² money laundering through botnet manipulations and chip dumping
² online betting fraud [ India 2007]
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 14/24
Characteristics of Digital Associates Working Crafts
Routinization
Impersonation/multiple identities
Multiple, simultaneous targeting of victims
Small takes
Efficient Modus Operandi
Effective Modus V ivendi: evading detection, avoiding punishment
Managing Risk with V ictims
Size & density of sites, activities & users
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 15/24
Identity Fraud & Crime NetworksEuromillion Espana
Combined confidence cheating with identity theft
Multinational in scope
V alued at $200 mill.
OC groups in Spain, France, Australia, UK
Traditional tactics(social eng, fake docs)
Technological tactics(emails, fake sites)
Deceptive attack [tricked by fraudulent messages] Malware attack [use of malicious code to retrieve personal information] DNS attack [manipulate IP addresses to send personal information] 300 members of crime networks eventually arrested by undercover operation Yet crime networks remained regenerative
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 16/24
Identity Fraud & Crime Networks Well-organized phishing scam Created perfect replica of Party
Poker site
Hosted site on their own illegalservers
Sent spoofed email warning of Impact of new gambling law onPartyPoker users
Link to cloned site
Log in w/ personalinformation
² ID theft; playerimpersonation;playing credit theft; digital data
black marketing
Phishing Site Screenshot
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 17/24
Cyberextortion & Crime Networks Between 2000 and 2006, hundreds of gambling sites targeted for hundreds of
millions of dollars
British bookmakers alone in 2004 lost over $70 mill. to cyberextortion groups
DDoS attacks; digital shakedowns
Network Organization ² organizers; extenders; executors
Lateral networked structures:
² regenerative characteristics
² minimum personal contacts
² virtual recruitment via online mediums
- dispersed automatic hierarchy of authority
- top-down compartmentalization operation
- fluid flexible modus operandi
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 18/24
Tax Evasion, Avoidance & Crime Networks
Computer Emergency Response Team - Laboratoire d'EXpertise en Sécurité Informatique (CERT-LEXSI ) (2006).Online Gaming Cybercrime: CERT- LEXSI·S White Paper , July 2006.
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 19/24
Tax Evasion, Avoidance & Crime Networks
Uvari Group Illegal gambling
Criminal members scattered globally
Intermediary between gamblers and sport betting companies
Use of virtual and terrestrial Sites Uvari group opened accounts for
players in offshore markets ² Isle of Man, Curacao, etc
Traded player identities for incentives, bonuses, and tax benefits
Created hundreds of dummy accounts in Uvari names ² taxevasion for players on wins and tax deductions for losses for Uvarimembers on dummy accounts
Family bonds & entrepreneurial ties
Flat; networked structure; no hierarchy
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 20/24
Money Laundering & Crime Networks
Used shell corporations & bank accounts worldwide [Central America, Caribbean, and Hong Kong] to clean illicit capital
playwithal.com
² 40,000 customer accounts were used to move money throughgambling sites to offshore banks
Family affair
² Giordano (organizer)
² son-in-law (controller) ² Wife & daughter (finances)
Other members
² Clerks; runners; enforcers
Gambling sites as laundering enterprises
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 21/24
Characteristics of Crime Networks
Structured as businesses
Global in scope and modus operandi
More complex division of labour
Greater organizational prominence and persistence
Substantial financial takes and more complicated modus operandi
Dot.cons networks = international pods of loosely connected groups
Networks as nodal ¶contact points· for crimes
Rhizomatic structures/regenerative
Yet crime assemblages were higher risk events: fusion of internet galaxy and
terrestrial world Greater police ad private security interest
The ¶dialectics· of techno-war: opportunity reduction remedies vs. counterdetection measures
Private ¶fiefdoms· of security vs. industry-wide security
The rise of ¶civilian strikeback· measures
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 22/24
Legal Challenges
Revise standard laws ² Up-to-date technically
² Enact legal definitions for
virtual environments ² Harmonize definitions within nation states
Harmonize Legal Matters Across Jurisdictions ² Legal definitions
² Licensing agreements
² Evidence Admissibility
² On-site audits/inspections
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 23/24
Legal Challenges (ctd) Strengthen Transborder Enforcement
² Unified Legal Permissions
² Harmonize policing standards re: search & seizure, intangibledata, warrants, notifications, and storage of evidence
² Calibrate judicial approvals for the management andexecution of intercepted data and decrypted data so as topermit wide use in multilateral contexts
Improve ¶market solutions· to cybercrime
² Extend & rationalize relations between public and private
security ² Create industry-wide benchmarks for cybersecurity that are
cost-effective and applicable to all
² Establish new modified legal environments to galvanize
better technical preventative market-driven crime solutions
8/8/2019 McMullan AGRI Conference 2009
http://slidepdf.com/reader/full/mcmullan-agri-conference-2009 24/24
Thank you
Questions?
John McMullan, PhDSaint Mary·s University
Aunshul Rege, PhD StudentRutgers University