So heads up ,i was hacked over the weekend and only new casinos ive used are 3dice and vegascrest

Savatage79

Senior Member
Joined
Jul 25, 2016
Location
Pittsburgh
So I woke up today to one of my accounts being 3k overdrawn , and I went to see that it was paypal Mastercard debits which is the card I've had to use at some places. Now my casinos over the last 4 to 5 years have been bovada, Ignition, sloto, uptown and inetbet. Never had a single issue in all these years .

Now I doubt it was 3dice but the brokering sfuff Is new to me,im not sure if someone is able to snag a debit Mastercard from that or what.

Direct usage was at vegascrest, again I guess I just dont see how it could be stolen while putting in a deposit but I am sure there are ways. Would it he most likely someone at a casino that has access to people's cards?

I don't know all I know is those were the 2 newest casinos breaking the norm for me and here I am...so just a heads up for anyone that may frequent them a bit, maybe change your info,passwords etc... i just wish i had an idea of how it could've happened or where
 
Last edited:

Savatage79

Senior Member
Joined
Jul 25, 2016
Location
Pittsburgh
Like has anyone ever heard of someone getting hacked when trying to use payment portals on casinos?

That's the only thing I can think of. But I tend to not think it was an outside of casino coincidence...i mean im still gonna play at 3dice as Like I said doubt it happened from there but its new in my rotation so that's why it all weirds me out a bit, and why I mention if it did happen from there to just be careful but like i said I highly doubt it.

I haven't opened any weird emails or anything, thats the only things I can associate with the debit mastercard they used
 

Playford7

Permanent Ban: Too much flaming
MM
Joined
Jul 10, 2016
Location
North east England
Sorry to hear that.

In the states do you have the chargeback option?

In the U.K. should you have money taken wrongly it works perfectly to get those funds back.
 

Savatage79

Senior Member
Joined
Jul 25, 2016
Location
Pittsburgh
Yea it should work fine ,i just get worried as I've heard some horror stories before...like my paypal debits are all 35 to 50 bucks, months of 35 to 50 debits and then boom for 1 hour from 3am to 4am my account gets exploded with thousands of dollars.

I'm not to worried about getting it fixed but I guess I'm bummed because I don't know where it may have occurred snd I was excited to get hitting some games in Vegascrest casino, and it all couldve just been one massive misfortunate happening...but it made me a little gunshy now .

I just know I have stuck to my regular casinos and it would figure the month I veer off a bit boom, hacked
 

Mr_Slot5

Senior Member
Joined
May 6, 2019
Location
North West
I know a couple of people who have had issues getting their PayPal hacked. One of them had it done by someone in America. God knows why PayPal let that one through as he lives in England. I highly doubt it was anything to do with the casinos you have used. More likely your email address has been sold on by a shady company along with your password.

As soon as I heard of these stories I set up 2 factor authentication on my PayPal account.
 

mina1929

Meister Member
Joined
Jun 13, 2015
Location
Universe
I know a couple of people who have had issues getting their PayPal hacked. One of them had it done by someone in America. God knows why PayPal let that one through as he lives in England. I highly doubt it was anything to do with the casinos you have used. More likely your email address has been sold on by a shady company along with your password.

As soon as I heard of these stories I set up 2 factor authentication on my PayPal account.

I am glad you mentioned that as soon as I read this thread I did the same :)
 

Guntis

Senior Member
Joined
Dec 29, 2017
Location
United kingdom
This is G translation, no time to correct it, on my way to work...


Visa has issued a warning about the new Baka electronic skimmer (at Group-IB we traditionally call this malware - JS sniffers). Payment system experts found Baka in several international online stores at once. The virus was added to the checkout page using a special script. At the same time, the "malware" is almost impossible to catch - after the "operation" is completed, it is automatically removed from the resource page.

"Now JS sniffers are one of the fastest growing threats to the e-commerce market in the world," says RG Viktor Okorokov, Group-IB Threat Intelligence specialist. "In less than a year and a half since the release of the first Group-IB study devoted to On this topic, the number of unique families of such malicious code discovered by Group-IB experts has more than doubled: today there are already 96 of them. " In his opinion, JS sniffers have finally replaced banking Trojans. "Since the end of 2019, criminal groups using such software have become the main suppliers of text databases of bank cards for sales on specialized hacker forums - kartshops."

The recommendations are:

Since it is almost impossible for ordinary users to determine that the official website of an online store is infected with JS sniffers, in order to minimize losses, we recommend using a virtual card with limited limits, and the card itself must be linked to a separate account.

Online business owners are recommended to regularly conduct express audits of their websites, and once a year - more in-depth studies of the security of Internet resources. All this does not negate the regular updating of the software for the CMS site by the site owners.

You do not have permission to view link Log in or register now.
 
Last edited:

Savatage79

Senior Member
Joined
Jul 25, 2016
Location
Pittsburgh
I know a couple of people who have had issues getting their PayPal hacked. One of them had it done by someone in America. God knows why PayPal let that one through as he lives in England. I highly doubt it was anything to do with the casinos you have used. More likely your email address has been sold on by a shady company along with your password.

As soon as I heard of these stories I set up 2 factor authentication on my PayPal account.

You're most likely right ,but here's the thing...see the way I view it if they hacked my paypal account they would've had access to all my cards associated with it so I'd have seen charges elsewhere. Hacking paypal doesn't give them my paypal debit card number, know what i mean? The form of charging they used was the paypal debif Mastercard which like i said the only new place I have used it directly was Vegascrest.

Thats main reason why I'm just slightly weirded out , it just seems to big of a coincidence is all.
 

zreb

Experienced Member
PABaccred
Joined
Sep 21, 2013
Location
currently in US
Are you able to determine whether the transactions were done through paypal itself or through the card? Presumably paypal should be able to tell though I don't know whether or not it would be easy to figure out that info.

So if wasn't through paypal itself, then that's probably just a normal credit card info theft. So anyone that had access to your credit card info at some point could theoretically have stolen it, not necessarily going to be easy to track it down. I don't know exactly how casino payment processing from a technical point is done, but there's a good chance when you use a credit card your info is being passed both through the casino itself and then onto a payment processor.

Between those two, I would be more likely to suspect the payment processor but you never know for sure. Online casinos sometimes have to change payment processors for whatever reason, they stop working, go rogue, get caught up in legal trouble, whatever. So you might end up with you card being sent to multiple payment processors over time even if you use just one casino.

There were some posts on the poker forum 2+2 maybe a few months ago that bovada group seemed to be having problems with their payment processors - something like they were taking money out people's accounts but reporting to bovada that the transactions were somehow later declined/charged back/etc and causing problems for some people. I think it was in response to this that bovada accelerated a lot of its bitcoin promotion stuff. So just saying it's possible that a processor like this just held onto your and a bunch of other people's credit card info for a while, and a few months starting either using or selling that information, so there could be some chance it was a result of bovada/ignition payment processors.

Of course you should also consider the possibility that you've somehow had your computer compromised with a keylogger or other software, just to make sure you're covering the bases. If you only used the card with your phone though, phones are usually pretty safe/everything is kept separate but who knows. Could even have possibly been compromised in person if you use the card at stores/ATMs.

So unfortunately it might be tough to really be sure who is actually responsible for the credit card info being stolen. Though online casinos are obviously going to be at the top of the suspect list.
 

Savatage79

Senior Member
Joined
Jul 25, 2016
Location
Pittsburgh
Well that's the thing the physical card used never leaves this house, i only use it for deposits as it then pulls from my bank account since some places are finicky. That's why its a bit more narrowed down as to where it was used, its just the worst feeling in general because its a pain in the ass .
 

Guntis

Senior Member
Joined
Dec 29, 2017
Location
United kingdom
I know a couple of people who have had issues getting their PayPal hacked. One of them had it done by someone in America. God knows why PayPal let that one through as he lives in England. I highly doubt it was anything to do with the casinos you have used. More likely your email address has been sold on by a shady company along with your password.

As soon as I heard of these stories I set up 2-factor authentication on my PayPal account.

Today, carders bypass the 2-factor authentication easily. If you want to use Paypal and be sure that your money is safe - get two bank accounts and keep it on the one which is not linked to your Paypal.

In case you want to make a deposit in an online casino or purchase anything online using Paypal then transfer from your main bank account some money into the one that is linked to your Paypal.

If you received casino winnings or payment for your service or say your friend transferred you some money into Paypal; perform a reverse action - Paypal → your bank account that is linked to it → your main bank account.

To add more security on top, important is to have strong different passwords and memorable info for each of the accounts. Plus mandatory - a separate email address and a phone number for your main bank account. A password for the email address must be totally unrelated to others and not used anywhere else.

A lot of people think Paypal is the oldest and the safest, but in reality, it is very vulnerable and in general, it is the 1st thing that gets emptied out by carders.
 

Mr_Slot5

Senior Member
Joined
May 6, 2019
Location
North West
Today, carders bypass the 2-factor authentication easily. If you want to use Paypal and be sure that your money is safe - get two bank accounts and keep it on the one which is not linked to your Paypal.

In case you want to make a deposit in an online casino or purchase anything online using Paypal then transfer from your main bank account some money into the one that is linked to your Paypal.

If you received casino winnings or payment for your service or say your friend transferred you some money into Paypal; perform a reverse action - Paypal → your bank account that is linked to it → your main bank account.

To add more security on top, important is to have strong different passwords and memorable info for each of the accounts. Plus mandatory - a separate email address and a phone number for your main bank account. A password for the email address must be totally unrelated to others and not used anywhere else.

A lot of people think Paypal is the oldest and the safest, but in reality, it is very vulnerable and in general, it is the 1st thing that gets emptied out by carders.
I thought 2fa was safe as PayPal have to send a unique 6 digit code to my mobile number?

I know someone tried (and failed) to get in once as I got the 2fa code sent to me.
 

Guntis

Senior Member
Joined
Dec 29, 2017
Location
United kingdom
I don't know exactly what methods they use to gain an access to this code but I'm sure they change a phone number and the code gets sent somewhere else. Once they get the access, often they open one more Paypal account making a real user totally unaware.

For informational purposes, I can try to dig some info out from private cybersecurity chats on Telegram.
But I guess if I find anything that worth to share here it will be semi-outdated as ones try to close the hole but others always find something new, and it goes around again and again.
 

Guntis

Senior Member
Joined
Dec 29, 2017
Location
United kingdom
Well, here is a very classic one; infection with malware by downloading malicious apps from the play store, iTunes or with the help of social engineering - making a victim open some file.
The file can look very unsuspicious like even a png image!

Once a victim's phone is infected the malware intercepts SMS messages and re-directs them to an attacker.

P.S Forgot to add that malware also can be installed in the repair shops or on a second-hand phone.
 
Last edited:

Reckless Bets

Newbie member
Joined
Feb 3, 2018
Location
US
2 of my cards were (attempted) used in fraudulent purchases lately and while I play on both 3Dice and Vegas Crest, I only use the cards on Vegas Crest. Wonder if they have weak security or their processor is dirty.
 

dreamguardian1

Senior Member
PABnonaccred
MM
Joined
Sep 6, 2012
Location
San Francisco, CA
As i have never had this happen to me BUT heard of it happening to others especially in the United States. I would contact the casinos you also should see where each charge originated on a computer print out so they are easy to track and dispute. IF they were the casinos processors you should reach out to the rep IF they are legit on here and have them conduct an investigation. There are some SHADDY processors out there.
 

dreamguardian1

Senior Member
PABnonaccred
MM
Joined
Sep 6, 2012
Location
San Francisco, CA
Today, carders bypass the 2-factor authentication easily. If you want to use Paypal and be sure that your money is safe - get two bank accounts and keep it on the one which is not linked to your Paypal.

In case you want to make a deposit in an online casino or purchase anything online using Paypal then transfer from your main bank account some money into the one that is linked to your Paypal.

If you received casino winnings or payment for your service or say your friend transferred you some money into Paypal; perform a reverse action - Paypal → your bank account that is linked to it → your main bank account.

To add more security on top, important is to have strong different passwords and memorable info for each of the accounts. Plus mandatory - a separate email address and a phone number for your main bank account. A password for the email address must be totally unrelated to others and not used anywhere else.

A lot of people think Paypal is the oldest and the safest, but in reality, it is very vulnerable and in general, it is the 1st thing that gets emptied out by carders.

Paypal is safe and have a quarantee, a long time ago whey first started someone hacked my facebook page and got into my paypal through a workaround. Luckily i had 2 factor authentification enabled and it hit my cell phone but i didnt know about it till next day cause i was sleeping but they blocked it and passwords reset and fixed. Love paypal
 

slotplayer

Paleo Meister (means really, really old)
webmeister
Joined
Oct 11, 2006
Location
USA
FWIW, Out of the blue, I had 2 notification emails from Sloto on failed login attempts the last few months. One was dated Aug. 2. I haven't played online in 8 years. Any cards I ever used have long been replaced anyway.
 

Guntis

Senior Member
Joined
Dec 29, 2017
Location
United kingdom
Paypal is safe and have a quarantee, a long time ago whey first started someone hacked my facebook page and got into my paypal through a workaround. Luckily i had 2 factor authentification enabled and it hit my cell phone but i didnt know about it till next day cause i was sleeping but they blocked it and passwords reset and fixed. Love paypal

From one hand PayPal is safe, easy to use and very convenient. And this is the main reason why many users like it (including myself). And yes, if money gets stolen PayPal will return it. Carders know that very well and that's why reckon they steal from PayPal but not from users.

For carder sometimes is enough to have only an email address or even a potential victims image to eventually gain access to their full personal information.

Have you ever searched on Google for anything related to you? :D

There are thousands of people in the world who leave their personal data on the internet. The prime example is social network accounts where people simply register with their real data and leave their contact information accessible to all.

Carders usually buy custom build software from hackers which enables them to perform different things, like for example finding a bank that you bank with or e-wallets connected to you by only knowing your phone number, email or some piece of information about yourself.

Besides, there are also countless personal data on the dark web available.

And not everyone is smart enough to realise that they are being tricked by
You do not have permission to view link Log in or register now.
which can last a very long time.

Not everyone uses a smartphone with the latest version on it.

Not everyone reads all reviews on Play Store or iTunes before installing any apps. While many others download and install different shit from untrusted sources.

And of course, not everyone knows what 2-factor authenticator is.

And as I said earlier, the smartphone can be infected by receiving even a simple PNG image which victim downloads in order to view on his smartphone. As a rule, it's spyware which will be silently sitting there and copying everything including logs, cookies, passwords etc. and sending to the attacker.

Once all info is collected the attacker downloads logs/cookies to his phone and logs for example into Paypal.

Paypal will think it is a genuine user, and in case there is 2FA, a real user won't see the unique code as it will be sent to the attacker (seems like when you got hacked they didn't have your logs and that's why Paypal blocked them).

That's said enough I think!

By the way, this is quite old info which comes from cybersecurity expert. What they do nowadays, I guess is very advanced.
 

Kroffe

เ๓ ค Ŧคภςץ ๒єคг
MM
Joined
Mar 2, 2019
Location
sweden
From one hand PayPal is safe, easy to use and very convenient. And this is the main reason why many users like it (including myself). And yes, if money gets stolen PayPal will return it. Carders know that very well and that's why reckon they steal from PayPal but not from users.

For carder sometimes is enough to have only an email address or even a potential victims image to eventually gain access to their full personal information.

Have you ever searched on Google for anything related to you? :D

There are thousands of people in the world who leave their personal data on the internet. The prime example is social network accounts where people simply register with their real data and leave their contact information accessible to all.

Carders usually buy custom build software from hackers which enables them to perform different things, like for example finding a bank that you bank with or e-wallets connected to you by only knowing your phone number, email or some piece of information about yourself.

Besides, there are also countless personal data on the dark web available.

And not everyone is smart enough to realise that they are being tricked by
You do not have permission to view link Log in or register now.
which can last a very long time.

Not everyone uses a smartphone with the latest version on it.

Not everyone reads all reviews on Play Store or iTunes before installing any apps. While many others download and install different shit from untrusted sources.

And of course, not everyone knows what 2-factor authenticator is.

And as I said earlier, the smartphone can be infected by receiving even a simple PNG image which victim downloads in order to view on his smartphone. As a rule, it's spyware which will be silently sitting there and copying everything including logs, cookies, passwords etc. and sending to the attacker.

Once all info is collected the attacker downloads logs/cookies to his phone and logs for example into Paypal.

Paypal will think it is a genuine user, and in case there is 2FA, a real user won't see the unique code as it will be sent to the attacker (seems like when you got hacked they didn't have your logs and that's why Paypal blocked them).

That's said enough I think!

By the way, this is quite old info which comes from cybersecurity expert. What they do nowadays, I guess is very advanced.
I just email people and pretend im a Nigerian Prince.
People fall for it every time.
;)
 

Guntis

Senior Member
Joined
Dec 29, 2017
Location
United kingdom
I just email people and pretend im a Nigerian Prince.
People fall for it every time.
;)

Lol, I watched some interview recently and unfortunately, there are still people in 2020 that believe in a Nigerian prince, and share their personal details to receive that promised will :)
 

Kroffe

เ๓ ค Ŧคภςץ ๒єคг
MM
Joined
Mar 2, 2019
Location
sweden
Lol, I watched some interview recently and unfortunately, there are still people in 2020 that believe in a Nigerian prince, and share their personal details to receive that promised will :)
Why else would i run that scam?
God bless them!
 

pokerdan

Senior Member
PABaccred
Joined
Jul 6, 2010
Location
LA
So I woke up today to one of my accounts being 3k overdrawn , and I went to see that it was paypal Mastercard debits which is the card I've had to use at some places. Now my casinos over the last 4 to 5 years have been bovada, Ignition, sloto, uptown and inetbet. Never had a single issue in all these years .

Now I doubt it was 3dice but the brokering sfuff Is new to me,im not sure if someone is able to snag a debit Mastercard from that or what.

Direct usage was at vegascrest, again I guess I just dont see how it could be stolen while putting in a deposit but I am sure there are ways. Would it he most likely someone at a casino that has access to people's cards?

I don't know all I know is those were the 2 newest casinos breaking the norm for me and here I am...so just a heads up for anyone that may frequent them a bit, maybe change your info,passwords etc... i just wish i had an idea of how it could've happened or where

I was hacked a while back. It is not 3dice for sure. Brokering has nothing to do with that. unless you opened a strange email.

I had issues with Bovada last year and someone was doing chargebacks against bovada using my cards. I sent them all my documents and proved it wasn't me. But I would be careful at Bovada. I think they may have had security issues in the past and this is why they are trying to push BITCOIN only accounts. I know for a fact they had issues because there were tons of people having the chargebacks issues. It was all over twitter.

So I would check all your Bovada stuff very carefully. I also had someone steal my credit card info and use it shortly after playing at Casinomax.

Some of these sites used shady third party processors.

Especially when it's a voucher system.

Just some thoughts.
 
Top