Someone hacked into my poker account with a Trojan

I think the reason is like I said early on in this thread. We've seen almost identical stories posted here before, and from the ones I remember, it's never been a trojan that was responsible. And I'm certain that the poker support people have heard it all before as well. That's why there is such a huge level of doubt. Certainly it could occur, it's just unlikely that it would.

It sounds like you're going down the right avenues though, between the affiliate & Bryan, they should be able to come up with some answers and hopefully the play logs.

Out of curiosity, what was the trojan that you found on the computer? I want to find out more about it. Also, were you by any chance using a wireless router or was it wired?
 
Norton's says that among the infected files found, rundll32.exe was infected by a Trojan Horse (it just says Trojan Horse, no specific name).

There are several instances of "Trojan.ByteVerify," as well as dozens of "W32.HLLW.Gaobot.gen."

I use one of those Linksys routers that has wireless ports, but all of our computers are wired. Why do you ask?

Also, there are several instances of spyware, dialers, "JS.Seeker" and adwares.
 
The reason why your story doesn't add up is this.

You are claiming that a trojan was running a session on your computer without you knowing it. There is no way for these programs to be running in hidden mode. You would see it on your screen. You would see the client, you would see the cards etc.

And since you claim you couldn't log on when trying (because this supposed hacker was logged in), this other session must have been running on your computer at the same time according to you (since it only played from your ip). So why didn't you see the poker program running? Simply because there was no trojan running the poker program through your computer. You can't even run two instances of Party Poker at the same time. So you shouldn't even be able to get to the login screen if another session of Party was running on your computer.

Anyway, feel free to contact people and plead your case. I doubt you will have any success. And you are correct, I have never seen a case where someone ripped someone off from their own computer in this way. I have seen plenty of cases where people claim that trojans lost the money and not the players themselves.
 
The Grapist said:
There are several instances of "Trojan.ByteVerify," as well as dozens of "W32.HLLW.Gaobot.gen."
Gaobot is serious bad news. Your computer is well and truly "owned". Get it off the net, reinstall your op system from scratch and use better security next time.
 
Freudian said:
The reason why your story doesn't add up is this.

You are claiming that a trojan was running a session on your computer without you knowing it. There is no way for these programs to be running in hidden mode. You would see it on your screen. You would see the client, you would see the cards etc.

And since you claim you couldn't log on when trying (because this supposed hacker was logged in), this other session must have been running on your computer at the same time according to you (since it only played from your ip). So why didn't you see the poker program running? Simply because there was no trojan running the poker program through your computer.

Anyway, feel free to contact people and plead your case. I doubt you will have any success. And you are correct, I have never seen a case where someone ripped someone off from their own computer. I have seen plenty of cases where people claim that trojans lost the money and not the players themselves.

As I said before, I was asleep for most of the time, or at least trying to. I woke up and saw one of those "your session has been disconnected" as I said before. And as I said before, I was having a bit of trouble logging in, so I called up Pacific.

That's why I didn't see it running.
 
GrandMaster said:
Gaobot is serious bad news. Your computer is well and truly "owned". Get it off the net, reinstall your op system from scratch and use better security next time.

Really? Well, that should explain a bit.

Alright, I think I'm going to go archive my important files on C:, and then delete, flatten, reinstall.
 
I agree with Grandmaster's advice. You'll need to either reinstall the o/s from scratch or run about 5 programs multiple times (and then some) to clean it completely. It would be less trouble to back up your data files and reinstall (with a reformat) the o/s from scratch.

I was asking about the wireless part because typically people don't turn on the encryption on their wireless router, and they leave the SSID on broadcast with default name (in this case Linksys), which means anyone can jump on within a good 1/4 mile of your location. Since they would be connected from inside your network, they could easily take over your computer with remote desktop since there would be no barrier in between to stop them. So it could be some neighbor of yours was playing if the wireless was enabled and not secure.
 
The Grapist said:
Really? Well, that should explain a bit.

Alright, I think I'm going to go archive my important files on C:, and then delete, flatten, reinstall.

Be sure that once you get it back online you first do the Windows Update and install everything it recommends. Then load Antivirus and keep it updated, ZoneAlarm, and SpySweeper before you surf anywhere else.
 
The Grapist said:
As I said before, I was asleep for most of the time, or at least trying to. I woke up and saw one of those "your session has been disconnected" as I said before. And as I said before, I was having a bit of trouble logging in, so I called up Pacific.

That's why I didn't see it running.

Why would you have trouble logging in if it wasn't already running on your computer?

Remember, the only computer that could have been involved is yours (or another computer in your household if you share connection).
 
Freudian said:
Why would you have trouble logging in if it wasn't already running on your computer?

Remember, the only computer that could have been involved is yours (or another computer in your household if you share connection).

Well, I could tell you right now that I honestly don't know, but now you're going to go out and say "you don't know because you're a liar."

Am I right?
 
question

This is what I don't understand about these hackers....so say they were trying to play on your account and trying to get a big win...then what??? How would they actually get their hands on your cash? If they tried to cash in, it would go into your account....then would that mean they also would have access to your bank accounts too? and then what...transfer cash to where? their account? and then what.....get caught? That's about where it would end....they would get caught by transferring cash to their bank accounts? I'm not computer savvy but can't see where this would get them other than the play of a few cards...unless they would be stupid enough to try to get their hands on your money with the prospects of getting caught being pretty much 100%.
 
tunisianswife said:
This is what I don't understand about these hackers....so say they were trying to play on your account and trying to get a big win...then what??? How would they actually get their hands on your cash? If they tried to cash in, it would go into your account....then would that mean they also would have access to your bank accounts too? and then what...transfer cash to where? their account? and then what.....get caught? That's about where it would end....they would get caught by transferring cash to their bank accounts? I'm not computer savvy but can't see where this would get them other than the play of a few cards...unless they would be stupid enough to try to get their hands on your money with the prospects of getting caught being pretty much 100%.


While what you are saying is true with online casinos, it is not the case with poker rooms. Read back a bit on the posts about "chip dumping."
 
I was wondering, is it at all possible for whoever did this to my account not have been using my computer?

I mean, couldn't they have just used a keystroke logger combined with an IP spoofer?
 
The Grapist said:
I mean, couldn't they have just used a keystroke logger combined with an IP spoofer?

For a kid that is 19 years old. You sure know a lot about Networking and viruses. Makes me wonder why a kid with so much knowledge. Didn't have sense enough to shut down his web-browser and running programs in the background, to prevent all of this.

Sorry Dude, come better next time.
 
My take on this:

1) If the guy has had his account locked, why does he get up in the middle of the night and try to login? And what's that about seeing the message about not being able to login and then trying? Did he turn on the monitor and the message was already on the screen or what? This doesn't really add up.

2) Money lost before the account was locked is the sole responsibility of the user. Sucks, but that's how it has to be. Money lost AFTER the account was locked is the responsibility of the card room. This was obviously a fault on their end - human or technical - and they need to rectify this.

3) Phone vs email: If I were in their place, I'd prefer email too. This way it's easier to keep account of the case and spot opposing claims.

Casino-on-net used to be fair, I doubt we really have the complete picture here...
 
mukke said:
My take on this:

1) If the guy has had his account locked, why does he get up in the middle of the night and try to login? And what's that about seeing the message about not being able to login and then trying? Did he turn on the monitor and the message was already on the screen or what? This doesn't really add up.

I didn't have my account locked until after I woke up and saw what I saw. I saw a message that said "You have been disconnected from Pacific Poker."

And I'd prefer phone because every time I received an e-mail from Pacific, it was pretty much the same message. On the phone, I could actually argue with what they say. E-mail, they don't listen.
 
murder1 said:
For a kid that is 19 years old. You sure know a lot about Networking and viruses. Makes me wonder why a kid with so much knowledge. Didn't have sense enough to shut down his web-browser and running programs in the background, to prevent all of this.

Sorry Dude, come better next time.

I "have so much knowledge" because I've been hitting google and my friends like crazy since this happened.

One of my friends suggested that I specifically ask about key-loggers, because that's what many Trojans are. Specifically, the Trojan that infected my PC. Even Nortons told me that.

And I don't shut down my web-browser because I have a cable modem. You don't need to shut it down.

Edit: I appreciate the help that some of you are giving me. But I definitely don't appreciate being called a liar every other post. I'm not lying. Do you really think I'd come here if I was lying?
 
The Grapist said:
Do you really think I'd come here if I was lying?

I'm sure Bryan could give you endless examples of scammers who sent pitch a bitch that were BS. You'll be VERY lucky to get a penny back. I've been playing pro online for years and have never heard such a story that did not involve a chip dump. I do not play Pacific because they seem to have a lot of problems other poker rooms do not have, but if this was a fraud from a trojan you'd be damn sure they would want to get to the bottom of this, don't you think they would want the scammers out?
 
Money lost before the account was locked is the sole responsibility of the user. Sucks, but that's how it has to be. Money lost AFTER the account was locked is the responsibility of the card room. This was obviously a fault on their end - human or technical - and they need to rectify this.

I agree with this, regardless of other circumstances.

After the account was locked, it should have been locked. Period.
 
dominique said:
I agree with this, regardless of other circumstances.

After the account was locked, it should have been locked. Period.

Naturally, I'd like to get all of my money, but I agree with the fact that there's no excuse for me not getting the $1000 that was lost after the account was closed.

Of course, this is their excuse for not giving me back that money (I think I quoted this earlier, but it bears repeating):

Please understand that I have to consider all the facts, and in the event that your system has been infected by a Trojan Horse and someone has had access to your passwords, this is not something that we should be accountable for. Jeff, the ultimate responsibility for the security of your computer system is in your hands and not ours.

We do apologize for the fact that although your account was blocked, access was still available for a short while. However, as all our evidence points out that your account was accessed from your PC using your username and password, we cannot support your claim that a third party was involved and that this incident occurred due to our negligence.

I'd think that the incident did occur due to their negligence! The account should have been closed. In another e-mail, they wrote this:

Due to a technical error, the account was still able to be logged into after this time

That sounds like negligence to me!
 
who is responsible for technical error

Yes, I agree, Grapist, "technical error" is something on their end. It is so unfortunate that there are such dishonest people out there that raise scepticism in the minds of many. It usually ends up labelling all of us as thieves even if we are victims. I have been watching these posts to this thread and do hope that all works out for you; but most of all, that you are able to track down whoever did this.

They are basically saying that you are responsible for your own software. Touche!! "technical error" is error on their part and they should be held accountable for their software problems also.

I have read many of the rogue players' letters to casinomeister and I must say that although I may be a bit naive or want to believe that for the most part people are truly good and honest, I do believe that you truly had this unfortunate incident...why else would you be coming back in here to check on updates of possible bits of advice from the masses?

Just a little peon here, but always the cheerleader! ;)

*btw....still don't understand what dumping means. Have tried searching on here for answers but am a clueless little peon.
 
tunisianswife said:
Just a little peon here, but always the cheerleader! ;)

*btw....still don't understand what dumping means. Have tried searching on here for answers but am a clueless little peon.

Thanks.

From what I've seen, chip "dumping" means that you intentionally lose the chips in one account to one or more accounts. Say you have Account #1 and Account #2. Account #1 has a large balance, and has been taken over by a hacker. Account #2 is owned by either the hacker, or his accomplice. Account #1 will go into a hand, and constantly raise. The goal is that Account #1 either loses the hand or folds, and Account #2 takes the money.

Pacific has been giving me nothing but a hard time. They claim that there is no chance that chip dumping occurred, but I do know for a fact (I briefly had access to my hand history during the small time between finding out about what happened and suspending my account, along with the person at Customer Support telling me what happened) that crappy hands were played and raised, which is a tell-tale sign of dumping.

What I do know for a fact, and what Pacific has said, is that the account was played for many hours, and for most of them, the account maintained a good balance. Sounds like nothing out of the ordinary. But at a certain point, the balance sharply went down, and the crappy hands were played.

If I were looking at the case, I'd honestly say that it seems weird, but probably not enough to say "YEP! Chip Dumping!" However, the thing that for me, confirms that something was up (and what Pacific says is nothing wrong) was that hours after I called, the account was played, and within 30 minutes, $1000 more was gone.

And murder1, I don't know what you're trying to say. (I'm going to ignore the grammatical errors). How does my age indicate anything about what should be my knowledge of computers?
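
The chip-dumping pattern described in the post above (one account repeatedly raising weak hands and losing to the same opponent), as a detection sketch added here; it is not part of the original thread and not any poker room's actual logic. The record layout, the 0 to 1 hand-strength score, the account names and the thresholds are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample hand history (not real data). One record per hand:
# (hand_id, loser, winner, chips_lost, loser_hand_strength 0..1, loser_raises)
HANDS = [
    (1, "acct1", "acct7", 40, 0.62, 1),
    (2, "acct3", "acct1", 55, 0.58, 0),
    (3, "acct1", "acct4", 30, 0.71, 1),
    (4, "acct1", "acct2", 250, 0.08, 3),
    (5, "acct1", "acct2", 300, 0.11, 4),
    (6, "acct5", "acct2", 20, 0.49, 0),
    (7, "acct1", "acct2", 280, 0.05, 3),
    (8, "acct1", "acct2", 170, 0.14, 2),
]


def flag_chip_dumping(hands, weak=0.2, min_hands=3, min_share=0.8):
    """Return [(loser, winner, chips, weak_raise_hands)] for suspicious pairs.

    A pair is flagged when the loser repeatedly raised a weak hand against
    the same winner AND most of the loser's total losses went to that winner.
    All thresholds are assumed values chosen for this example.
    """
    total_lost = defaultdict(int)   # chips each account lost overall
    pair_chips = defaultdict(int)   # chips moved from loser to winner
    pair_weak = defaultdict(int)    # hands where loser raised a weak hand
    for _hand_id, loser, winner, chips, strength, raises in hands:
        total_lost[loser] += chips
        pair_chips[(loser, winner)] += chips
        if strength < weak and raises >= 2:
            pair_weak[(loser, winner)] += 1

    flagged = []
    for (loser, winner), chips in pair_chips.items():
        share = chips / total_lost[loser]
        if pair_weak[(loser, winner)] >= min_hands and share >= min_share:
            flagged.append((loser, winner, chips, pair_weak[(loser, winner)]))
    return sorted(flagged)


if __name__ == "__main__":
    for loser, winner, chips, n in flag_chip_dumping(HANDS):
        print(f"{loser} -> {winner}: {chips} chips over {n} weak-hand raises")
```

Requiring both signals keeps ordinary losing streaks (hands 1 to 3 in the sample) from being flagged on their own.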
 
tunisianswife said:
have you asked them to send you a detail of the game log hand per hand so you can examine this closely?

Yes.

Every time I called up, I asked to get the hand history. They told me that the only way that I could get the hand history would be for me to log into my account. And for me to log into my account, they would need to re-open it. And they said that for them to do that, I would need to "admit to guilt" as they put it.

It's quite frustrating.
 
