The manufacturer of GPI casino machines becomes a victim of ransomware. Hackers threaten to reveal game algorithms if ransom is not paid

According to various publications on the dark web, one of the leading manufacturers of casino equipment has become a victim of the dangerous REvil ransomware group. Gaming Partners International (GPI), the world’s leading company, suffered a security incident that resulted in the encryption of 540 GB of sensitive data; In addition, hackers gave the company 72 hours to the company not to disclose the compromised information.

REvil recently managed to attack the famous law firm Grubman, Shire, Meiselas & Sacks, although apparently the company refused to pay the ransom to the hackers. The hacking group was also threatening to disclose information from U.S. President Donald Trump, although this has not happened.

The hackers noted in his warning to GPI that they had all the most important data, such as financial documents, contracts and technical documentation for the company’s gaming machines, even for its customers in Macau and Mexico. The group did not provide details on the amount criminals request in exchange for restoring control of the company’s servers and not disclosing sensitive data.

Hacking and encrypting data on business servers is an increasingly common approach taken by cybercriminal groups and, in these situations, victims should consider one of two possible scenarios: paying without any guarantee that the stolen data will not be published, or refusing to pay and that their confidential information is compromised.

In case GPI agrees to pay the ransom, it is impossible to know whether REvil will actually destroy the data on its servers, adds cybersecurity and cybercrime expert Brett Callow: “It is hard to believe that these criminal groups will keep their word, especially if they can continue to make a profit from the compromised information,” the expert says.

Companies that develop systems for the gambling industry have become an attractive target for malicious hacking groups. Last March, during the announcement of the merger between Diamong Eagle Corp and DraftKings, the technology firm SBTech was the victim of a hacker who managed to generate severe disruptions worldwide. SBTech is one of the leading providers of sports bookmaker technology.