Beware: Ace Kingdom

Nicola

Closed Account
Joined
Jan 22, 2013
Location
Malta
Discovered a potentially serious security flaw with Ace Kingdom this morning. The site runs on a completly unsecure connection even when logged in and depositing.

Have tested with various tools (and probes) and there is no SSL certificate issued for *.acekingdom.com and the credit card processing page is not encrypted until it is transferred to Verified by Visa for final processing. Worryingly it displays personal information including previous card details via HTTP!

Furthermore, although the IP addresses match genuine PlayTech game servers, all games on the site also run unsecure - which is very unusual these days.

Be very careful with site and if you have deposited here previously might be worth checking for any fraud!

(Ace Kingdom is licensed by the British Gambling Commission and by the Government of Gibraltar)

29apbq0.gif


v8lj7p.gif
 

cj1990

Experienced Member
PABnonaccred
webby
Joined
Aug 22, 2016
Location
USA
Out of curiosity is that site using iFrames?

I have seen that same layout someplace else I just can't recall where right now. (I think it was a some sketchy betsoft casino.)

Do you know what software that platform is running on?

As a US player the site appears blocked for me.
 

Nicola

Closed Account
Joined
Jan 22, 2013
Location
Malta
Out of curiosity is that site using iFrames?

Do you know what software that platform is running on?

Definetely no frames used, have looked through the code and all runs on the main domain. Software is PlayTech but uses it's own cashier console.

Very surprising read for a casino run by possibly the UK's largest bookmaker :confused:

Yeah, maybe a oversight :eek2:

Have reported it to the intelligence team at UKGC today and for a change they took it seriously filing a report.
 

dunover

Unofficial T&C's Editor
Staff member
webmeister
PABnonaccred
PABnononaccred
CAG
mm3
Joined
May 22, 2012
Location
the bus shelter, opposite GCHQ Benhall
Definetely no frames used, have looked through the code and all runs on the main domain. Software is PlayTech but uses it's own cashier console.



Yeah, maybe a oversight :eek2:

Have reported it to the intelligence team at UKGC today and for a change they took it seriously filing a report.

Two words I never thought I'd see in one sentence.
 
Top