Security

UK lotto players quids in: Website knocked offline by DDoS attack

It could be you*


The UK National Lottery has apologised for a website outage that left money in the pockets of punters unable to play games on Saturday evening.

“We're very sorry that many players are currently unable to access The National Lottery website or app. Our 46,000 retailers are unaffected,” it said on Twitter before adding “please accept our sincere apologies if you were unable to play tonight’s games due to the website issue that affected many players.”

By Sunday the National Lottery confirmed that outage was the result of a denial of service attack. The attack ran for about 90 minutes on Saturday between 6pm until 7.30pm), at a time of peak demand, the Daily Mirror adds.

On Saturday 30 September, a DDoS extortion group called Phantom Squad sent out a ransom demand to companies all over the world, threatening denial-of-service attacks. It’s unknown whether any of its attack threats were genuine – much less whether they were connected to the UK Lottery DDoS.

Criminals with no capacity to launch DDoS attacks have been known to threaten such assaults in a bid to coerce targets into paying up when no threat is present. ®

* Who gets DDoSed. You're not going to win the lottery, buddy.

Send us news
57 Comments

Mastodon delays firm fix for link previews DDoSing sites

Decentralization is great until everyone wants to grab data from your web server

Feline firewall woke developer to declaw DDoS disaster

System alerts were pinging but cat had no way of knowing what was happening

Some 300,000 IPs vulnerable to this Loop DoS attack

Easy to exploit, not yet exploited, not widely patched – pick three

French government sites disrupted by <i>très grande</i> DDoS

Russia and Sudan top the list of suspects

NKabuse backdoor harnesses blockchain brawn to hit several architectures

Novel malware adapts delivers DDoS attacks and provides RAT functionality

DDoS-like attack brought down OpenAI this week, not just its purported popularity

Plus: Lab launches dataset sharing initiative for its own benefit

Inside Denmark’s hell week as critical infrastructure orgs faced cyberattacks

Zyxel zero days and nation-state actors (maybe) had a hand in the sector’s worst cybersecurity event on record

Huge DDoS attack against US financial institution thwarted

Akamai reckons traffic flood peaked at 55.1 million packets per second

HTTP/2 'Rapid Reset' zero-day exploited in biggest DDoS deluge seen yet

Botnet storm drowned last record with 398 million requests per second

Mirai reloads exploit arsenal as botnet embarks on another expansion drive

With 13 new payloads it's the biggest update to the botnet in months

With dead-time dump, Microsoft revealed DDoS as cause of recent cloud outages

Previous claims its own software updates were the issue remain almost, kinda, plausible

Russian IT guy sent to labor camp for DDoSing Kremlin websites

Pro-Ukraine techie gets hard time