Federal prosecutors announced that a Wisconsin man had been charged with a sophisticated scheme to gain access to hundreds of unauthorized customer illegally accounts at a sports betting website in late 2022.
The U.S. Attorney’s Office of the Southern District of New York announced the unsealing of a six-count indictment against Joseph Garrison, a resident of Madison, Wisconsin. Garrison, 18, and several others allegedly accessed roughly 60,000 accounts on the website through a technique known as “credential stuffing.”
Keep in mind that there are special daily offers to check out. Upcoming action includes the NBA Finals and Stanley Cup Final. It also means Triple Crown Horse Racing, with the Belmont Stakes taking place on June 10. Further, tennis, golf, boxing, auto racing, and MMA action are open. So too, is Major League Baseball offering daily action with new rules that have increased interest. Meanwhile, you can get futures on college and pro football. It’s all underway and coming in hot, with action available now. This is the best time of year for sports betting activity in overdrive. There are daily specials for each day of the week, which is not to be missed. Go to BetRivers for these daily offers!
The technique typically involves a hacker utilizing log-in credentials from a third-party site to access a user’s account at a highly secure website. A hacker can gain unauthorized access to an account by obtaining a user’s password from a local bank or gym, for example, using the same log-in credentials at a major e-commerce site or an online sports betting account.
According to the U.S. Attorney’s Office, Garrison launched a credential-stuffing attack on Nov. 18, 2022. Three days later, DraftKings identified irregular activity on customer accounts. At the time, the company noted that the account takeovers impacted less than $300,000 of customer funds. While prosecutors did not name the sports betting and daily fantasy website impacted in the breach, DraftKings was targeted in the attack.
Last December, the three definitive leaders in the U.S. mobile sports betting market — FanDuel, DraftKings, and BetMGM — all reported an uptick in cybersecurity disruptions at the end of 2022.
All told Garrison and others stole approximately $600,000 from about 1,600 victim accounts, according to the indictment.
“As alleged, Garrison used a credential stuffing attack to hack into the accounts of tens of thousands of victims and steal hundreds of thousands of dollars,” said Damian Williams, U.S. Attorney for the Southern District of New York, in a statement. “Thanks to the work of my Office and the FBI, Garrison learned that you shouldn’t bet on getting away with fraud.”
During a credential stuffing attack, a cyber threat actor collects stolen credentials, or username and password pairs, obtained from other large-scale data breaches of other companies, which can be purchased on the so-called “dark web.” According to an affidavit presented by an FBI special agent, Garrison sold access to the victim's accounts through websites on the dark web that marketed and sold illegal account credentials. In some cases, the individuals who accessed the stolen accounts added a new payment method to the account, then deposited only $5 to verify the new method.
Go to BetRivers for these daily offers! Now is the time to get the latest bonus offers for all major sports. There are also DAILY SPECIALS to check every day of the week!