BetAmerica and Others Still Out Two Weeks After SBTech Cyberattack, DraftKings Merger Terms Revised

Posted on: April 9, 2020, 05:10h. 

Last updated on: April 9, 2020, 05:39h.

Almost two weeks after sports betting and lottery provider SBTech was hit by a cyberattack that forced it to shut down its global data centers, several US-regulated online gambling sites remain out of action.

BetAmerica has been “currently upgrading” for the past two weeks, a euphemism for “our software provider has been bulldozed by a sophisticated ransomware attack.” (Image: BetAmerica)

The length of the outage is unprecedented for the industry. Online gaming operators have routinely been targeted by cybercriminals since at least the early 2000s, but these are usually short-lived DDoS attacks, designed to temporarily disrupt normal services while companies are held to ransom.

As of Thursday evening, Churchill Downs’ BetAmerica — which relies on SBTech software for all its online services, including sports betting and casino — was still offline, leaving customers unable to access their funds.

The online sports betting arms of the Golden Nugget and Resorts Atlantic City are also still down.

But SBTech’s European partners, such as MansionBet, are now back online, as is the Oregon Lottery’s “Scoreboard” sports betting app.

Diamond Eagle Demands $30 Million

On Wednesday, Diamond Eagle Acquisition Corp (DEAC) demanded SBTech set aside $30 million in cash and stock that could be used to settle any litigation that might arise from the outage.

DEAC is a Los Angeles-based acquisition vehicle, which will merge with DraftKings to engineer the forthcoming reverse takeover of SBTech, paving the way for an IPO.

According to a filing with the Securities and Exchange Commission (SEC), if claims against SBTech exceed $30 million, DEAC would gain access to around $70 million in cash and shares that have already been put in escrow, per the terms of the original deal.

And if that’s not enough to settle future claims, DEAC would go after SBTech’s current owners, including founder and majority shareholder Shalom McKenzie, who has agreed to the amended terms.

Cryptoviral Extortion

The timing of the attack, just a few weeks before the DraftKings merger was expected to complete, is striking and bears the hallmarks of a ransomware attack launched by a sophisticated criminal group.

Cryptoviral extortion involves the encryption of a victim’s files, which renders them inaccessible until a ransom is paid or cybersecurity teams manage to regain control.

With the merger date looming, attackers may have believed SBTech would be more susceptible to paying ransom demands to help smooth the deal.

But the duration of the outage, and the piecemeal resumption of services would seem to suggest the company has been fighting the extortion attempt.

Diamond Eagle shareholders were scheduled to vote on the merger April 9, but that meeting has been postponed until next week.

Nevertheless, sources told iGaming Business Thursday that the deal was still expected to complete on schedule.