Keylogger, it’s a type of executable file, 100K hack reported!

[P.V.]

A high stakes online poker player has come forward on the popular poker forum 2+2 that he had over $100K stolen from his account at Lock Poker, the largest online poker skin on the Revolution Gaming Network. In total, it looks as though $54K alone was transferred to what we can only assume is the scammer’s account, while the rest was dumped to another player at high stakes Omaha at Lock.

I read the article, that's it, but thought it was worth posting. If true it's a major ripoff, would point to keylogger if true.

You do not have permission to view link Log in or register now.

I could have posted this within another thread but wanted to point out the threat of key logging.

You do not have permission to view link Log in or register now.

 

[conker]

That is a warning to us all really. Thank goodness you don't need the kind of bankroll at casinos that you need to play high stakes poker.

He must be feeling very sick today, poor guy.

 

[rockycatt]

just a thought if all large amounts of $$ needed a telephone acknowledgement/ activation from a safe in side poker site [ that would hold off hacker's]

 

[anniemac]

I don't know the ins and outs of poker playing online. Who is ultimately responsible for this loss? Is the Poker site responsible for the players funds or is this guy SOL?

 

[vinylweatherman]

A high stakes online poker player has come forward on the popular poker forum 2+2 that he had over $100K stolen from his account at Lock Poker, the largest online poker skin on the Revolution Gaming Network. In total, it looks as though $54K alone was transferred to what we can only assume is the scammer’s account, while the rest was dumped to another player at high stakes Omaha at Lock.

I read the article, that's it, but thought it was worth posting. If true it's a major ripoff, would point to keylogger if true.

You do not have permission to view link Log in or register now.

I could have posted this within another thread but wanted to point out the threat of key logging.

You do not have permission to view link Log in or register now.

Really! Given all the bother we get withdrawing $5400, let alone $54000 whenever we introduce another payment method or withdrawal account, how come a 54K withdrawal to a new recipient account manages to slip past Lock's security. I would have at least expected some extra checks for the first use of the new account, maybe even more up to date documents, or proof the account was in the players' name. This would have immediately alerted the player to the problem, and the 54K at least would still be there. He may also have been able to act to stop the chip dump sooner, with less lost that way, and by finding out sooner, Lock could more easily have stopped the money exiting altogether.

 

[Mousey]

A while back this sort of thing was being reported all to often about poker accounts - less noteworthy amounts, of course, but accounts were being emptied. We never learned who, or what, or how it was happening. Some lowlife hackers made a big score on this one.

 

[vinylweatherman]

Seeing more detail, it seems the high stakes players get some ridiculous privileges. It seems they are allowed to just send money to another player with no security checks to speak of done by the poker room. The victim was negotiating to trade a large chunk of his poker chips to another player who would transfer the cash to him through the banking system. Now, how is this not open to moneylaundering? Compared to how anal casino companies are over prevention of money laundering for most of us, it seems the "big fish" live in a different world where their money is a passport to being allowed to skip many of the PITA security checks we all go through. Sadly, in this case it was these privileges that made this crime so easy. During the trade, the victim was sent a screenshot to prove the other player had the means to honour his end of the bargain. This is where the malware was hidden, and how his account got hacked. When the deal went ahead after the hacker had gained access, the poker room didn't do anything about it because they were allowing high rollers to do this. With such a privilege, why chipdump at all

The exploit is fairly simple. A scammer just needs enough money to pose as a high roller and gain these privileges, then when he strikes, the poker room are not looking as intently as they would be at the account of an ordinary player. The only alert they get is when the victims find out and report the matter. By then, it could be too late as I expect rapid transfer and almost instant withdrawals are another privilege granted to high rollers.

These high roller accounts may also be the ultimate rapid exit route used for the cash scammed from lesser levels of player.

I really can't see myself transferring 54K to someone I only know as a username on the strength of a JPEG showing a bank account with 54K in it.

These high rollers need to realise the risks they are taking by engaging in such deals, and get back into the habit of depositing from their own deposit method, or not playing that day, like the rest of us.

 

[rockycatt]

oops

 

[P.V.]

This could have been easily prevented by notifying the player when his account was logged in to by sending an automated email notification.

I read where the hacker logged in three different times, on different days moving money before the player noticed what had happened.

I think I'll add this to my site for additional security, when you log in you'll be notified by email a login occurred in real time. I forward all my emails to my cell as I'm sure many others do too.

This should'nt be too complicated to work out, hopefully.

An automated notification might not have stopped this hacker completely but could have helped tremendously.