back to article DraftKings rides to court, asks to unmask 10 DDoS suspects

A US sports gaming company is asking permission to unmask 10 people it believes were behind a massive DDoS attack on its website earlier this month. DraftKings, based out of Boston, MA, has filed [PDF] with the Massachusetts US District Court for authorization to force ISPs around the US to turn over the identities linked to …

  1. IceC0ld Bronze badge

    SHOULD they be allowed to ?

    Should DraftKings be able to unmask the attackers, the company plans to sue each for violation of the Computer Fraud and Abuse Act.

    ====

    so far as I can see, this appears to be the classic open and shut case, Co was DDOS'ed, they have IP's of those involved, so surely the ISP should just hand over details, and lets all head to court, but wasn't there an issue a wee while back where the bad guys 'spoofed **' the IP's ? so how are they SO certain that these addresses are THE addresses they are looking for?

    ** not sure of the correct term

    1. vir

      Re: SHOULD they be allowed to ?

      Shocker: the IP address is...someone's smart light bulb.

      That would be a great case name through: Draft Kings vs. A Philips Hue Light Bulb.

      1. whoseyourdaddy

        Re: SHOULD they be allowed to ?

        "That would be a great case name through: Draft Kings vs. A Philips Hue Light Bulb."

        Coffee deficit? Hue uses Zigbee through a Hue Bridge, which NAT shares my single Comcast TCP with all devices using my WiFi.

    2. Nick Kew Silver badge

      Re: SHOULD they be allowed to ?

      so far as I can see, this appears to be the classic open and shut case, Co was DDOS'ed, they have IP's of those involved,

      That's what they claim. They'll have to convince a court of it if they want a court order.

      so surely the ISP should just hand over details,

      ISPs should respect their users' privacy until and unless ordered by a court to do otherwise. It's the same story as, for example, allegations of DMCA violations. Of course, the ISP might itself have evidence of abuse on which to act, in which case reports from victims feed into that action, but that's a separate question.

      so how are they SO certain that these addresses are THE addresses they are looking for?

      They are addresses that need to be investigated. Let's not pre-judge the outcome of that investigation. This is a legal matter, not a politicised one where it suits someone's Agenda to point the finger at [villain-of-the-day].

    3. Kevin McMurtrie Silver badge

      Re: SHOULD they be allowed to ?

      The complaint is missing a LOT of details. It describes a DDoS but doesn't say what attributes of that were actually used. It could have been UDP with spoofed addresses, it could have been a highly targeted application attack over TCP, or it could be that their Node/React coder accidentally instructed several customers' browsers to attack.

      1. Elmer Phud Silver badge

        Re: SHOULD they be allowed to ?

        It's like an email I got from BT where, apparently, I'd downloaded Fast and Furious number somethingorother.

        Considering I leave my BT side open to slurpers- it's still my IP address where the slurping comes from.

        I ignored the email.

        But, then who needs to download F&F?

        It's not as if it's not on TV all the time.

    4. TheVogon Silver badge

      Re: SHOULD they be allowed to ?

      "they have IP's of those involved"

      They apparently have the IPs of some systems that sent DDOS traffic. I'm not clear why they think that those would belong to whoever controlled the attack. That seems extremely unlikely.

  2. Anonymous Coward
    Anonymous Coward

    This - and the blackmail that usually accompanies it - happens all the time to the big sportsbooks. Draftkings are going to have to get used to it.

    As for the IPs, waste of time. They'll be botnet zombies.

  3. Maelstorm Bronze badge
    Facepalm

    Hmmm..

    I second the concerns raised here. Malware is rampant on computers these days, especially Windows PCs. Yes, the IP addresses that they have are the ones that attacked them. However, was it the person who is actually sitting at the computer doing it, or was the computer commanded to do so because it belongs to a botnet.

    These guys do know what a botnet is, right?

    A valid defense is that when the machine is examined, if malware is found, then what? Are they going to continue to sue an innocent person who had no idea that their computer was infected?

    "You were complacent in the attack because you allowed your computer to participate in it, even if it was without your knowledge and/or consent."

    That will go over real well in the courts and the media.

  4. Pascal Monett Silver badge

    “[..] the attack prevented [..] users from actively engaging with the [..] Website,”

    In other words, the DDoS prevented DraftKing users from . . gambling.

    Come on, if your site gets DDoSed and all you do is publish rankings, then your users are going to wait it out patiently until your site is online again and you're not losing money from users that are temporarily not "actively engaging".

    If you're loosing wads of money for a "sports" site because you're offline for half an hour, then your site is a gambling site.

    1. Anonymous Coward
      Anonymous Coward

      Re: “[..] the attack prevented [..] users from actively engaging with the [..] Website,”

      There's a specific legal definition of gambling in the states in which they operate, and their service doesn't meet that definition, so when they are taking legal action in the US, they are quite right to say it isn't gambling.

      1. Orv Silver badge

        Re: “[..] the attack prevented [..] users from actively engaging with the [..] Website,”

        In fact, fantasy sports got a specific carve-out in the anti-gambling statutes. It's fascinating really. There's a good write-up (and a video documentary, but that may be geo-blocked) here: https://www.pbs.org/wgbh/frontline/film/fantasy-sports-gamble/

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019