Websites hijacked for casino advertising: piracy is rampant
•
22 Dec 2025 •
Reading time: 3 minutes With the new cooperation protocol between the Gaming Commission and DNS Belgium, a strong signal is being sent to providers of illegal gambling websites. Those who promote illegal games of chance with a .be domain can now expect faster detection and immediate consequences.
Domain names can be withdrawn or redirected to a warning page from the regulator. This is necessary because illegal online casinos increasingly try to adopt a “Belgian guise” to instill trust in players.
Yet this is only part of the story. Behind the scenes, another, much more persistent problem is playing out: digital piracy where criminals hijack existing websites to redirect unsuspecting visitors to illegal gambling platforms. And it is precisely there that action is currently lacking.
Business websites unnoticedly hijacked by gambling pirates
Research by Gambling Club shows that hackers are actively penetrating Belgian webshops, often via leaks in commonly used systems like WordPress. Once inside, they add hidden URLs to the existing domain name. Think of examplestore.be/online-casino-xxx, which is silently indexed by Google. The original owner knows nothing, but visitors who click on that link via search engines end up at an illegal casino.
The tactic is sneaky and effective. Large and small companies are victims, from well-known webshops to local players without an IT team. The website Sticker.be, for example, was used to promote a fake version of Betano Casino. The webshop only knew about the hack when Gambling Club contacted them. The fake page was subsequently removed immediately.
Open source, open door?
Many affected websites run on open-source platforms. That makes it relatively simple for hackers to gain access via vulnerable plug-ins or poorly secured admin panels. Once inside, they add extra pages that look like regular content. No banners, no flashing pop-ups, but seemingly legitimate text links that are picked up by Google.
For companies without their own IT department, these attacks are barely visible. And as long as search engines continue to show the bad pages, the reach of these illegal gambling sites is enormous. They piggyback on the SEO weight of reliable domains and mislead visitors looking for legal information.
From schools to shops: no one is safe
This type of attack is not a new phenomenon. Gambling Club previously brought similar hacks to light at Belgian schools. Domain names of educational institutions were then misused to promote illegal games of chance. The structure of the attack is always the same: a reliable domain is used as a springboard to spread gambling sites under the radar.
The risk for consumers is high. Not only do they end up with unregulated providers, but they can also face malware or data theft. And trust in legitimate companies is unjustly damaged.
Time for this piracy to be tackled too
The cooperation with DNS Belgium is a necessary step, but tackling domain piracy should be an integral part of it. The current focus is on .be domains that are consciously registered by illegal providers. But much greater damage arises via existing domains that involuntarily serve as digital smuggling routes.
The Gaming Commission has the instruments and the visibility to raise this issue and increase pressure. Collaborations with cybersecurity experts, hosting providers, and platform builders are essential in this regard. Because as long as hackers can abuse legitimate websites unhindered, Belgian companies and consumers remain playthings of the gambling mafia.