Welcome to this week’s edition of ONSEC iGaming News Weekly Digest, brought to you by the ONSEC team.
This week’s headlines reflect a dynamic and fast-moving iGaming industry, where growth, compliance, and cybersecurity converge. From BetMGM’s upgraded $2.7B forecast and Michigan’s $285M monthly GGR to Kambi’s post-Penn dip and 1spin4win’s 30% surge, operators continue to navigate shifting markets with digital-first strategies. Regulators across the globe—from Massachusetts and Italy to Sweden and the Philippines—tightened enforcement, clarified emerging formats like crash games, and debated sweeping bans and tax overhauls. Meanwhile, data breaches and malware campaigns targeting platforms and crypto wallets underscore the rising threats facing gambling operators and their users. Here’s what mattered most this week.
Trends and Analytics
- BetMGM Raises Full-Year 2025 Guidance After Q2 Surge. On July 29, BetMGM reported a 36% YoY rise in Q2 net revenue and iGaming revenue up 29%, prompting a boost to full-year guidance: now expecting at least $2.7 billion in revenue and $150 million EBITDA. The digital division continues to outperform, underscoring the strategic strength of its online operations. Source: iGamingBusiness
- Michigan Operators Post June GGR of $285.2M. On July 23, the Michigan Gaming Control Board reported that total internet gaming gross receipts in June reached $285.2 million, including $240.6M from iGaming (up 37.3% YoY) and $44.6M from sports betting, despite a slight MoM decline. Source: Yogonet
- Kambi Q2 Revenue Falls 11.5% Amid Post-Penn Transition. On July 23, Kambi revealed its Q2 2025 revenue dropped 11.5% YoY to €40.5 million, attributing the decline to the absence of one-off transition fees following the end of its deal with Penn Entertainment. CEO remarks signalled ongoing strategic focus on Latin America and esports partnerships. Source: Kambi report via EsportsInsider
- 1spin4win Posts 30% GGR Growth in H1 2025. On July 28, slot provider 1spin4win confirmed a 30.3% surge in first‑half 2025 gross gaming revenue, driven by new content releases and expanded distribution partnerships, indicating strong momentum in the online slots segment. Source: Yogonet
Law and Regulation
- DraftKings Fined $450K by Massachusetts Over Credit Card Violations. The Massachusetts Gaming Commission imposed a $450,000 fine on DraftKings for allowing 1,160 credit card‑funded wagers between 2023–2024, and ordered $83,667 refunds to affected customers. Source: Yogonet
- Italy Extends Online License Approval Deadline to November 12. Italy’s ADM pushed back the deadline for its online gaming license tender to November 12, 2025, from the original September 17 cutoff, citing procedural complexity and ensuring full vetting. Source: iGamingBusiness
- Sweden Pushes for Regulatory Clarity on “Crash Games”. Sweden’s gambling trade association BOS submitted a memorandum to regulator Spelinspektionen seeking formal guidance on emerging iGaming formats such as crash games, video bingo, and live show games. BOS highlighted ambiguity in the current Gambling Act over whether these formats fall within permitted definitions and urged publication of official FAQs to clarify the rules for licensed operators. Source: InterGameOnline
- Philippines Regulators Face iGaming Ban Bill Amid E‑games Surge
PAGCOR officials faced mounting political pressure after Senate Bill 142—which proposes an outright ban on online gambling apps and websites served to local users—was introduced. The bill aims to block access within 72 hours via ISPs and digital payment platforms. Its emergence followed PAGCOR’s report that e‑games drove 82.7% YoY growth, accounting for over half of PHP 214.75 billion in H1 GGR. Source: Context - UK Race Industry Backs Alternative Tax Model, Warns of £330M Loss
The Social Market Foundation proposed a differentiated gambling tax framework for the UK, supported by the National Trainers’ Federation. The plan recommends raising casino gaming tax rates to as high as 50%, while offering a lower rate for horse racing bets to avert a projected £330 million revenue drain and job losses if current harmonization plans proceed. Source: The Guardian
Hacks and Data Breaches
- Flutter Entertainment Confirms Data Breach Impacting Paddy Power & Betfair
Flutter disclosed a breach affecting up to 800,000 customer accounts on Paddy Power and Betfair, exposing email addresses, IP data, device IDs, and betting activity. No passwords or financial details were compromised, but regulators have been notified.
Source: TechRadar - Scammers Flood Discord with Fake Betting & Casino Websites. Cybersecurity researcher Brian Krebs exposed a campaign involving more than 1,200 scam gambling sites advertised via Discord and social media, which lure victims with bonus offers (e.g., “$2,500 sign-up credit”) and then request cryptocurrency “verification deposits” before cashouts—ultimately disappearing with the funds. These scams underscore the craftiness of social-engineering attacks targeting bettors. Source: Krebs on Security
- Hackers Embed Malware in Steam Game “Chemia,” Targeting Crypto Wallets.
Security firm Prodaft found that the survival game Chemia, available on Steam Early Access, contained malware—HijackLoader, Vidar Stealer, and Fickle Stealer—designed to steal browser credentials and crypto wallet data. The malicious binaries were embedded in the game installer and linked to the cybercriminal group EncryptHub. Source: GAM3S.GG - EncryptHub Campaign Targets Web3 Devs via Fake AI Platform. PRODAFT published a follow-up confirming that EncryptHub actors compromised the Steam game Chemia (see previous item) and used legitimate Windows utilities to evade detection and deliver malware. Threat actors used RDP credential theft and system modifications to deliver Vidar Stealer, highlighting real-world threats to crypto and gaming ecosystems. Source: The Hacker News
- India’s CoinDCX Crypto Exchange Suffers $44.3M Hack. CoinDCX confirmed a high-value attack in which $44.3 million was stolen via server compromise, likely involving a private key breach that impacted internal hot wallets. Although not an iGaming platform, CoinDCX services overlap with crypto‑betting sectors, and the incident highlights backend and infrastructure vulnerabilities. Source: Halborn
Final Words
As the iGaming landscape continues to evolve, this week’s developments underscore three key themes: digital momentum among leading operators, increasing regulatory scrutiny across global markets, and persistent cybersecurity threats targeting both platforms and players. From explosive growth in slots and mobile gaming to phishing scams and regulatory reforms, staying informed and resilient has never been more essential. We’ll be back next week with the latest insights, risks, and opportunities shaping the future of online gambling. Stay secure, stay sharp.
Leave a comment