Players that were experiencing problems at Betat and Slotty Vegas over the weekend were notified that they were combating a Distributed Denial of Service attack.
Betat's notice to players included the details surrounding the ransom demand from the attackers, who call themselves "the DD4BC Team". They say they have previously conducted attacks on Neteller, Bit Coin Bounty Hunter and Excoin.
The following is the communication Betat Group initially received:
"Recently, we were DDoS-ing Neteller. You probably know it already.
"So, it’s your turn!
"Slottyvegas.com and betatcasino.com is going under attack unless you pay 10 Bitcoin."
"Please note that it will not be easy to mitigate our attack, because our current UDP flood power is 400-500 Gbps, so don't even bother.
"Right now we are running small demonstrative attack on your server.
"Don't worry, it will stop in 1 hour. It's just to prove that we are serious.
"We are aware that it's weekend and you might not have 10 BTC at the moment, so we are giving you time until Monday to get it and pay us.
"IMPORTANT: You don’t even have to reply. Just pay 10 BTC to XXXXXXXXX – we will know it’s you and you will never hear from us again.
"We say it because for big companies it's usually the problem as they don't want that there is proof that they cooperated. If you need to contact us, feel free to use some free email service.
"But if you ignore us, and don't pay until Monday, price to stop will go to 20 BTC and will keep going up for every hour of attack.
"It’s a one-time payment. Pay and you will not hear from us ever again!"
A Betat spokesman confirmed that the sites were hit with 45 Gbps of DDoS bandwidth on Monday.
"This attack was vicious, massive and wide spread and hit our entire range of sub-nets, even our CDN has been compromised (Content Delivery Network) as well as our AWS (Amazon's Cloud Service), said the spokesman on Tuesday.
"To say that 45Gbps of bandwidth is a lot is a gross understatement. These hackers have massive capacity and are highly organised.
"Luckily, we are well equipped to handle these kinds of attacked and while nothing of this magnitude has been recorded on both our front, nor on the service providers experience, we are highly confident that by end of the week we will have the situation under full control.
"That said, the next 5-7 days will be rough and our customers may experience times of inconsistent performance."
"They have now moved onto legitimate businesses," the spokesman said.
"I strongly suggest that you speak to your individual CTO's and re-visit your DDoS mitigation services and the resiliency of your network. The hacking group claims that they have 400-500 Gbps sustained DDosS capacity."
The spokesman also said that the DDoS assault is not a hack meaning player data is not at risk.
"Our systems are built in a way that segregates front end environments from any back end applications and databases. The data is never open to the public in any way.
"The most that can ever happen when playing on our sites, is that in case of an attack and/or a hack, website pages are exposed. The data structure is built on an internal network and bets communicate over an encrypted "backbone" channel - effectively meaning that whenever there is a web -level attack, the channel is shut down stopping all play and all communication.
"This is the reason you experience a termination of service rather than a degradation. It carries a greater impact on revenue stream, but the service security is maintained."