1. By continuing to use the site, you agree to the use of cookies .This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the cookie policy.Find out more.
    Dismiss Notice
  2. Dismiss Notice
  3. Follow Casinomeister on Twitter | Facebook | YouTube | Casinomeister.us US Residents Click here! |  Svenska Svenska | 
Dismiss Notice
REGISTER NOW!! Why? Because you can't do diddly squat without having been registered!

At the moment you have limited access to view most discussions: you can't make contact with thousands of fellow players, affiliates, casino reps, and all sorts of other riff-raff.

Registration is fast, simple and absolutely free so please, join Casinomeister here!

Someone hacked into my poker account with a Trojan

Discussion in 'Casinomeister's Poker Room' started by The Grapist, Aug 5, 2004.

    Aug 5, 2004
  1. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY
    I've already sent this to the Pitch a Bitch section, but I'm just going to give the abbreviated version here.

    I woke to find that I was unable to log into my Pacific Poker account. I called in support, and we found that $2k was missing. I had the account suspended.

    Five hours later, the last $1k was gone. Operations has sent me a few e-mails, stating that they are denying my claim because my IP address matches (the time I played and the time that the person stole my account). They also claimed the style was the same (when it obviously wasn't).

    I have since found a Trojan on my PC, and I suspect that the Trojan is the culprit (or rather, the person who sent me the Trojan). Pacific maintains that if this is the case, they won't honor my claim.

    This is a normal practic? :(
     
  2. Aug 5, 2004
  3. largeeyes

    largeeyes Dormant account

    Occupation:
    Engineer
    Location:
    North America
    As much as it pains me to say this, but Pacific can't be held responsible for you not securing your computer from viruses and key stroke catchers. I'd be interested in why they say the IP addresses match.
     
  4. Aug 5, 2004
  5. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY

    :(

    All they will say is that the IP and the Internet provider info matches. They won't say how they know.

    But the thing that bugs me the most is that I called and had the account suspended, and five hours later more money is played away.

    They then tell me
    in one e-mail and
    in another

    I mean, I know it doesn't look good for me, but they don't have to go out and accuse me! :mad:
     
  6. Aug 5, 2004
  7. largeeyes

    largeeyes Dormant account

    Occupation:
    Engineer
    Location:
    North America
    Yes, I would have a beef with it remaining unlocked.....and a bigger beef with them accusing me if taking advantage of it if that wasn't in fact true. I wish you all the luck getting this remedied
     
  8. Aug 5, 2004
  9. jpm

    jpm Dormant account

    Unfortunately, people try all kinds of scams at online casinos, so they've heard it all before. Hence the accusatory email. I've read a few nearly identical stories here before and it always turns out that it was someone else in the house (or the person themselves) who were the actual culprit.

    Not saying that is the case here, but I think you should check on anyone else who had access to your computer during the times in question. I've yet to hear of any kind of trojan or virus that would allow you to play at a casino or poker room remotely. They can very easily tell from the IP address where the connection came from, and all of that info is routinely logged on the server.

    What operating system are you using? Are you using a router of any sort between the computer and cable/dsl modem? Are you using any antivirus, antispyware, and/or internet security programs?
     
  10. Aug 5, 2004
  11. pokeraddict

    pokeraddict Webmaster

    Occupation:
    Pro Poker Player
    Location:
    Las Vegas
    I cant imagine you will ever see a penny of this but the fact they blocked it and more money was missing, hmmmm, I would have to say they owe you that. Here is what probably happened. If someone hacked your account they found a friend and chip dumped. Pacific must know who the beneficiary of this loss was. Since I have heard time and time again their cashouts are very slow (5 days usually) this money still must be in their system, at least as pending. There would be no other reason to hack someones account unless they dumped, what good would it do? Maybe they know you? Roommate? family member? angry girlfriend?
     
  12. Aug 5, 2004
  13. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY
    They said that the style of play did not seem like chip dumping, because the span of play was a few hours, and 647 hands were played. I've noted that this is almost as many hands I played in a span of 9 nine days.

    The only people in my house are myself and my mother. I was tossing and turning in my bed for that night, and my mom was dead asleep. That either leads to a trojan or me. I know it wasn't me, but Pacific doesn't care for that.

    I'm also insulted that they lied about some facts in the case. They claimed that the style of play, the game played, and the stakes played were the same throughout the whole time.

    The style of play was obviously different (the guy would do shit like RAISE WITH 72OFF AND 32OFF), the game was Texas Hold'em (Pacific Poker's most popular game), and the stakes were 15/30.

    The part in bold is a blantant lie. And I can't comment on the part about the maximum balance and stuff. It wasn't me.

    They've sent me some e-mails, some containing some nasty stuff, and they've said
    Very classy of them.

    Edit:
    Windows XP, Norton's Anti-virus (which was disabled because it was slowing down my PC), Linksys router between the cable modem and PC.

    I know it looks like it was me, which pisses me off. I mean, looking at the case from a detached perspective makes it look like it was me. This really sucks. :(
     
    Last edited: Aug 5, 2004
  14. Aug 5, 2004
  15. GrandMaster

    GrandMaster Ueber Meister CAG

    Occupation:
    Mathematician by day, online gambler by night.
    Location:
    UK
    There are plenty of remote access trojans which enable the attacker to do pretty much anything on your computer, or once the hacker has sufficient access he can just use XP's remote desktop facility if the victim is running XP.
     
  16. Aug 5, 2004
  17. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY
    This really sucks. I'm considering responding to their latest e-mail with this
    What do you guys think?

    (Of course, I'm mad at the account being depleted even by a dollar, but do you think it's time for me cut my loses? :( )

    Oh, I should mention that I spoke to JDN, the Director of Full Tilt Poker. He thinks that this situation is ridiculous.
     
  18. Aug 6, 2004
  19. jpm

    jpm Dormant account

    But it would be visible on the screen and of course the computer would have to be on. Its pretty unlikely that its remote desktop though, since he's operating behind a router and unless he set the router up for his computer to operate in the DMZ, or opened those specific ports thru to his computer's internal IP address, then that's not going to be the case.
     
  20. Aug 6, 2004
  21. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY
    I leave my PC running 24/7, and I was asleep during the period that it happened (at least trying to sleep. I woke up in the middle of the night, went to my computer, and saw what I saw).

    And I run BitTorrent all of the time, so I have ton of ports open (I think).
     
  22. Aug 6, 2004
  23. jpm

    jpm Dormant account

    Which trojan did you find on there? Sounds like you've got things setup pretty well, except you have to keep that A/V enabled all the time. Also, even though you've got a bit of a firewall with the router, also download ZoneAlarm and run that on your system too. Goto You must register/login in order to see the link. and download SpySweeper and scan your system. If there's one thing in there, there's probably more. Also, is that a wireless router by chance?

    I'd demand from them your play logs and hand histories. Then compare your regular play to the rogue player's play. Make some notes of the obvious differences (like the blind levels played, the silly 72os raising, etc). Also see if he was losing to any player(s) in particular and write that up and send it to them as proof it wasn't you. Also, I'd pitch a bitch thru Bryan with the same info simultaneously.
     
  24. Aug 6, 2004
  25. jpm

    jpm Dormant account

    You saw it playing when you woke up?? :eek:
     
  26. Aug 6, 2004
  27. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY
    No, I didn't see it playing. I saw a "your connection has been disabled" screen, called to see what was up (because it wasn't logging in like normal when I tried to connect after seeing that), and found out that someone had been playing.

    Had them reset my connection, and found that $2k was missing!

    And they won't release my hand history to me. They said that they only way that they'd let me see the hand history again is if I were to, as they put it
     
    Last edited: Aug 6, 2004
  28. Aug 6, 2004
  29. jpm

    jpm Dormant account

    That is dead wrong. You have EVERY right to get your history and they have no right to deny that to you, regardless of whether it was you playing or not. I'd pitch a bitch immediately for that alone. I can't believe they would have balls to tell you that. Totally reprehensible. You paid for those hands via the rake that they took on each one, period.
     
  30. Aug 6, 2004
  31. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY
    They really aren't letting me do much. Whenever I call, they tell me to e-mail Operations. I've requested numerous times to speak to someone from Operations. They refused.

    Today I was told that they made a note on my account that I was to contact Operations via e-mail only, and that all requests that I made to speak with them should be denied! :mad:

    And I've received four e-mails from Operations/Management. Three of them read almost exactly the same!

    Edit: If you want, I can e-mail you all of the correspondence to date.
     
  32. Aug 6, 2004
  33. jpm

    jpm Dormant account

    Sorry Grapist, I may have been referring to something that can be taken 2 ways. When I said you should pitch a bitch, I meant thru casinomeister's pitch a bitch form. I think you thought I meant bitch to the poker room lol.

    Here's a link to what I'm talking about...

    http://www.casinomeister.com/problems.html
     
  34. Aug 6, 2004
  35. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY
    I know what you meant. ;)

    I already pitched a bitch.
     
  36. Aug 6, 2004
  37. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY
    Does anyone know how long it would take to get a response from the Pitch a bitch form?

    Just curious. I've been talking to some friends, and I'm kinda worried that maybe the Trojan worked too well, I mean, if Pacific is convinced it was me.... :(
     
  38. Aug 6, 2004
  39. The Grapist

    The Grapist Dormant account

    Location:
    Long Island, NY
    Well, for some reason, I can't find a way to edit my posts, so sorry for the third post in a row.

    If anyone's interested, I'm currently talking to the person that referred me to Pacific. He's an affliate of some sort. He said that he's going to try to take care of the situation.

    Let's hope that something works.
     

Share This Page