Account hacking?...

Richtree7

Dormant Account
Joined
Sep 22, 2006
Location
Massachusetts
A few nights ago at about 3 a.m. I was playing at an on-line casino when I began to have lots of trouble trying to remain connected to the casino. (staying connected to the internet was not the problem). I had to log back in to the casino 4 or 5 times. I finally gave up and thought...well maybe the casino is performing maintenance on their site. About 4 hours later I again logged back in to my account and found that the balance in my account, which was only about $26.00 when I logged out, had now disappeared. I now had a balance of about 39 cents. I then got the casino 'live help' on the line and asked them what happened to my balance. They stated "you played off your balance and even redeemed a $10.00 comp balance"....which I definitely had not done.
I am quite certain someone at the casino did not do this, but Who Did? I live in a condominium complex and was using my secure password wifi rotor at the time...but I am wondering if that is how an unscrupulous neighbor may have gotten into my account? Or, as the 'live help' operator stated.."maybe you have spyware on your computer and someone knows what you are typing into your keyboard" and thus gets my password...
Any computer savvy casinomeister members out there have any idea how this may have occurred?
Thanks for any help you may have.
 

Casinomeister

Forum Cheermeister
Staff member
Joined
Jun 30, 1998
Location
Bierland
Yukon Gold
Since this is an MGS casino, get back with the support chat and ask them to check their logs. They should be able to identify whether it was you or not.

What games to you usually play? If your account is played by someone else, that person will normally play different games and have different playing patterns. You can post your player history here - it should be totally different when it was hacked.
 

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
I'm sorry to say, but simply enabling the security features on your router doesn't necessarily mean that it's 100% secure.

I suggest reading
You do not have permission to view link Log in or register now.
, and doing it...Steps for doing this to your specific router will be in the manual, or you may see it easily in the web admin interface.

Disabling broadcasting of your SSID by your router is definitely the way to go. Basically, if a hacker doesn't see a network, they will have a much harder time trying to find it and hack it. The SSID is one key piece of evidence a hacker needs to even try to connect to your network. I also suggest changing the name of your network via the router. This may be a pain, as you'll need to change it on all computers connecting to that router, but it will ensure that a previous hacker can't get in by knowing the previous network name (SSID).

note: SSID is an acronym for Service Set Identifier. The SSID is a sequence of up to 32 letters or numbers that is the ID, or name, of a wireless local area network

Also, if you can get an exact date and time of when your balance at the casino was played off, you can check the time against your router logs, and it will show if someone you don't know was connected to your network at the time. Unfortunately, all you're going to get is a MAC address of the offending computer...if we were talking about thousands of dollars you could push the issue with law enforcement (if you weren't in the USA...lol), but for this low amount, I'd chalk it up as a lesson learned. :(
 

vinylweatherman

You type well loads
Joined
Oct 14, 2004
Location
United Kingdom
It's a security hole - I found it out quite by accident before I realised what I had done.

I was playing the Munchkin Monday tournament at the now EX Casino Action casinos, and then went to do some admin on the other PC. I realised I might have made a mistake in recording the amount I had deposited, so loged into the FLASH casino just to check playcheck. I got in, and was able to check playcheck. It was at this point that I realised that this should have been IMPOSSIBLE, as I then remembered that I also had this casino logged on at the other PC with Munchkins on 0.45 autoplay.
I went to check, and sure enough, by logging into FLASH, I had booted my other session off the server. It seems that instead of generating an "already logged in" error, logging into an MG casino that is already in use simply boots the current session in favour of the new.
The symptoms that the OP experienced are consistent with this being a "war" between him and this "hacker", as his attempts to reconnect would have booted the hacker, and vice versa.

Clearly though, it would be necessary for this hacker to have access to both the account number and password, easily done by accessing the registry of the host machine via a compromised wireless network. It may also be possible if the breach allowed the remote execution of code on the host machine, but running the session display elsewhere.

This password should be considered compromised, and possibly ALL casino passwords on that machine.These should ALL be changed RIGHT NOW, and efforts made to secure the wireless network against this.
The machine then needs to be swept thoroughly for malware, and if found, the passwords should be all changed a second time once the machine has been fully cleaned up (in case the malware has been used to obtain these also).
Knowing the account numbers is less of a problem, certainly some casinos think so, as they publish the full account number of prizewinners, rather than just the outer characters, as well as first name and initial of surname.


MG casinos should NOT allow a newer session to boot off an existing session, it should be that an existing session should prevent the creation of a new session, and it should be up to support to log out a "stuck" session after verifying the details of the customer. Sessions that end up "stuck" should also have a default timeout, so that an open session does not sit vulnerably on the casino server if the local client machine loses the ability to establish contact.
 

bb28

Dormant Account
Joined
Nov 18, 2006
Location
US
It's a security hole - I found it out quite by accident before I realised what I had done.

The symptoms that the OP experienced are consistent with this being a "war" between him and this "hacker", as his attempts to reconnect would have booted the hacker, and vice versa.

Clearly though, it would be necessary for this hacker to have access to both the account number and password, easily done by accessing the registry of the host machine via a compromised wireless network. It may also be possible if the breach allowed the remote execution of code on the host machine, but running the session display elsewhere.

This password should be considered compromised, and possibly ALL casino passwords on that machine.These should ALL be changed RIGHT NOW, and efforts made to secure the wireless network against this.
The machine then needs to be swept thoroughly for malware, and if found, the passwords should be all changed a second time once the machine has been fully cleaned up (in case the malware has been used to obtain these also).
Knowing the account numbers is less of a problem, certainly some casinos think so, as they publish the full account number of prizewinners, rather than just the outer characters, as well as first name and initial of surname.


MG casinos should NOT allow a newer session to boot off an existing session, it should be that an existing session should prevent the creation of a new session, and it should be up to support to log out a "stuck" session after verifying the details of the customer. Sessions that end up "stuck" should also have a default timeout, so that an open session does not sit vulnerably on the casino server if the local client machine loses the ability to establish contact.

Excellent Advice! :thumbsup: I would immediately unplug it from the internet and get it checked by a proper security computer consultant. If it is malware (trojan = malware). It's very likely that any and all passwords you have on your computer, any debit card, credit card info, maybe your SS #, and the list goes on are comprimised. If it has been, you should monitor your CC statements, your credit reports, ect.
It most likely did not come from your router setup probably a website you visited, a program you downloaded or an email you opened are the usual suspects. Having a secure router is only part of protecting yourself from malware.
 

Richtree7

Dormant Account
Joined
Sep 22, 2006
Location
Massachusetts
I have gotten back

in touch with 'live help' and they say Risk Management will have to get back to me...so am waiting for now. In the mean time I have disconnected my router and connected directly to my broadband cable. Haven't seen any other indications of anything wrong with other accounts....yet! Thanks for your suggestions.
 

bb28

Dormant Account
Joined
Nov 18, 2006
Location
US
in touch with 'live help' and they say Risk Management will have to get back to me...so am waiting for now. In the mean time I have disconnected my router and connected directly to my broadband cable. Haven't seen any other indications of anything wrong with other accounts....yet! Thanks for your suggestions.

My earlier post was misunderstood it seems. I didn't recommend disconnecting from your router, what I suggested to you was completely disconnect from the internet until your machine has been checked and you are positive that it's clean be it malware or of the possibility that you've been hacked. The router does offer you some protection from hackers unless it has been compromised, although routers offer no protection from malware that you might have gotten from the methods I mentioned above. If you have been compromised it is most likely malware, not your router being hacked.
If you have found that someone else in fact was playing on your account then you should take that very seriously and get your machine unplugged and checked right away. If someone stole your casino log in, it's highly likely that anything and everything else you had on your machine is also compromised. I don't mean to frighten you but some trojans. (malware) are key-logging, password stealing, spam sending.........in other words.......very bad stuff.
 

GrandMaster

Dormant account
Joined
Jan 21, 2004
Location
UK
It is for this sort of occasions that you should have a live Linux CD, Knoppix or SystemRescue, so that you can boot into a clean environment, scan your computer for malware, save you data, etc.
 

AudiManinBoro

Dormant account
Joined
Jun 19, 2006
Location
UK
I have never understood todays sweeping desire by many to use wireless networks if the option of a wired exists. I find wireless to be slow, tedious and annoying, they are forever dropping and are far more of a security risk than a wire. Stick to a cable guys unless you absolutey have to!
 

bb28

Dormant Account
Joined
Nov 18, 2006
Location
US
I have never understood todays sweeping desire by many to use wireless networks if the option of a wired exists. I find wireless to be slow, tedious and annoying, they are forever dropping and are far more of a security risk than a wire. Stick to a cable guys unless you absolutey have to!

I disagree with you, but we are each entitled to our opinion. :)

I use wireless on my laptop.....never any issues, and it's just as fast as my wired connection. Also if you take the proper security options with your wireless the security concerns are very minimal.
 

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
I have never understood todays sweeping desire by many to use wireless networks if the option of a wired exists. I find wireless to be slow, tedious and annoying, they are forever dropping and are far more of a security risk than a wire. Stick to a cable guys unless you absolutey have to!

If you find wireless to be slow, tedious, annoying and dropping off, then there's something wrong with your router, wireless card or the distances you're trying to traverse for your connection. Wireless G (at minimum) is 54mb/s, and even with my 16mb cable connecton, I'm only using 1/3rd of my total bandwidth. I've never had problems with dropped connections. Keep note that some wireless cards/routers have a problem if you're trying to connect between floors and/or walls.

But, it is true in the end. If you can use a wired connection, go for it. Even though I use the wireless connection for my laptop, my desktop system is still hard wired into my wireless router.
 

Richtree7

Dormant Account
Joined
Sep 22, 2006
Location
Massachusetts
I have asked for

my game history from 'live help'. They have said I must get that from Risk Management. I am now locked out of the casino and cannot access my records...so am hoping to hear from them soon.
Thanks for all your suggestions.
 

RobWin

closed account
Joined
Apr 24, 2004
Location
A Vault!
my game history from 'live help'. They have said I must get that from Risk Management. I am now locked out of the casino and cannot access my records...so am hoping to hear from them soon.
Thanks for all your suggestions.

Rich, why are you locked out of the casino now ?? Did they lock your account on your request or did they just lock it when you requested your game logs ??
 

AudiManinBoro

Dormant account
Joined
Jun 19, 2006
Location
UK
I disagree with you, but we are each entitled to our opinion. :)

I use wireless on my laptop.....never any issues, and it's just as fast as my wired connection. Also if you take the proper security options with your wireless the security concerns are very minimal.

Depending on where your laptop is and how closely situated it is to the router i agree you can get flawless operation. But many dont sit right by their routers and there are several external factors to take into account if using a wireless, such as near by power pylons, how many walls the signal has to go through, distance from router. not everyone gets perfect results from wireless connections in fact id probably say your one of the lucky ones lol :)I know several people who use wireless and most of the time it works ok but drops are inevitable and it realy does annoy them speciayl during XBOX live multisessions lol
 

bb28

Dormant Account
Joined
Nov 18, 2006
Location
US
Depending on where your laptop is and how closely situated it is to the router i agree you can get flawless operation. But many dont sit right by their routers and there are several external factors to take into account if using a wireless, such as near by power pylons, how many walls the signal has to go through, distance from router. not everyone gets perfect results from wireless connections in fact id probably say your one of the lucky ones lol :)I know several people who use wireless and most of the time it works ok but drops are inevitable and it realy does annoy them speciayl during XBOX live multisessions lol

Well my laptop is close to my router ;) and I'm not a gamer but can certainly understand how aggravating that would be to be disconnected.
You have some good points. :thumbsup:
 

Richtree7

Dormant Account
Joined
Sep 22, 2006
Location
Massachusetts
Rob..

They locked my account immediately after I contacted 'live help' and let them know I had a problem with my account being compromised.
 

GrandMaster

Dormant account
Joined
Jan 21, 2004
Location
UK
Have you tried accessing your account history directly through Link Removed ( Old/Invalid) ? It may be locked as well, but it is worth a try.
 

Richtree7

Dormant Account
Joined
Sep 22, 2006
Location
Massachusetts
GrandMaster

I have attempted logging in through the link you provided but no luck...thank you for the attempt. To this point still no additional problems with other accounts.
 

RobWin

closed account
Joined
Apr 24, 2004
Location
A Vault!
I have attempted logging in through the link you provided but no luck...thank you for the attempt. To this point still no additional problems with other accounts.

Yea Rich, I was going to suggest the same thing that GrandMaster said to try, but I see that did not work for you either.. hopefully Risk Management will get back in touch with you tomorrow, I am really curious to see what they tell you had happened here...
 

bb28

Dormant Account
Joined
Nov 18, 2006
Location
US
Richtree, have you scanned your computer for malware?
Here is a link to a online scanner, please note this will scan for trojans or spyware. Also please note that if your results are clean or not clean, it is not an absolute. The tracking info, such as registry keys associated with programs you installed, cookies, etc. that it finds is not a big concern. If it finds a trojan on your machine, then you should be very concerned.

You do not have permission to view link Log in or register now.


I edited this post because I found that it does scan for spyware also.
 

Richtree7

Dormant Account
Joined
Sep 22, 2006
Location
Massachusetts
BB

Thanks for your help. I've clicked on your link and gotten to the web page, however when attempting to download the scan ware a pop-up tells me "error loading GUI resources". It instructs me to go to the internet options page and re-set my active-x controls which I have done but it still gives me the same pop-up. I must say I am on a beginner to intermediate level of computer skill...casinos I can play but beyond that not so good.:what:
 

RobWin

closed account
Joined
Apr 24, 2004
Location
A Vault!
Thanks for your help. I've clicked on your link and gotten to the web page, however when attempting to download the scan ware a pop-up tells me "error loading GUI resources". It instructs me to go to the internet options page and re-set my active-x controls which I have done but it still gives me the same pop-up. I must say I am on a beginner to intermediate level of computer skill...casinos I can play but beyond that not so good.:what:

Rich,, a bar will show up across the top of your browser page and you need to click on that and download and install the active-x control first before you can run the scan...
 
Top