1. By continuing to use the site, you agree to the use of cookies .This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the cookie policy.Find out more.
    Dismiss Notice
  2. Dismiss Notice
  3. Follow Casinomeister on Twitter | Facebook | YouTube | Casinomeister.us US Residents Click here! |  Svenska Svenska | 
Dismiss Notice
REGISTER NOW!! Why? Because you can't do diddly squat without having been registered!

At the moment you have limited access to view most discussions: you can't make contact with thousands of fellow players, affiliates, casino reps, and all sorts of other riff-raff.

Registration is fast, simple and absolutely free so please, join Casinomeister here!

Was this what happened at Absolute?

Discussion in 'Casinomeister's Poker Room' started by jetset, Mar 11, 2008.

    Mar 11, 2008
  1. jetset

    jetset Ueber Meister CAG

    Occupation:
    Senior Partner, InfoPowa News Service
    Location:
    Earth
    SECURITY EXPERT URGES CARE IN ONLINE ACTIVITY

    Trojans used to steal millions from online poker players, says security specialist

    In an article in Tech Radar this week, Mikko Hyppnen the chief research officer at security software company, F-Secure cautions online poker players to take care when using the Internet as security scams are taking place.

    In his work as a consultant with European security agencies on cyber crime Hyppnen frequently comes into contact with threats posed by cyber-criminals, and hears many cautionary tales of how people have been prejudiced, sometimes without even realising it.

    Hyppnen told the publication that hackers are stealing millions from innocent web users, deploying tactics from mobile phone spying to planting Trojans and hacking into systems.

    Online poker players, he claims, are some of the ripest targets. And the expert cautioned that he knows of cases where online poker sites have been used to "launder" money or credit obtained through cyber criminal enterprises, in at least one case by a ring which went on to buy articles subsequently sent to insurgency groups in Iraq.

    Online poker players are a massive target for hackers," said Hyppnen. "People play it with real money obviously, so theyre a big target. We were just investigating a case where a professional online poker player was attacked by someone he would play against regularly online. And were talking about professional players, and big money. Hundreds of thousands of euros on the table at a time, he said.

    All of a sudden he started losing. He would regularly lose even when he had a great hand pocket aces for example. If he had an unbeatable hand, the other players would simply fold. And when he tried to bluff, he would lose. He lost a lot of money this way, were talking hundreds of thousands of euros.

    This went on for weeks. And when we looked into it we realised that one of the other players at the table had sent him a tool. A calculator of sorts to help him optimise his poker playing. And we found that the application included a Trojan.

    When he was playing online poker against these people who were in another country, the guy could press a button and he would receive a screenshot of the targets screen. So he sees the hole cards. If youre playing poker and the other players know your cards, its pretty hard to win.


    Its a clever attack because the hacker could have just stolen the account and moved the money away. But he would have been caught. But this way the target was losing his money to someone else and he didnt realise it was a con. I dont think many online poker players realise that those kind of attacks are being done.

    Hyppnen highlighted the case of Tariq Al-Daour who was sent to prison after he used online poker sites to launder millions of pounds to fund insurgents in Iraq.

    Tariq Al-Daour was sentenced last summer in London with two of his friends, for using Windows Trojans. They were using keyloggers which save everything you type on the keyboard. And they waited until you did online shopping so they could get your name, address, credit card number etc, and this way they managed to get 36 000 cards. American Express, Visa, Mastercard - the lot. And what they did is they took those cards to online poker sites.

    They set up new accounts with the stolen cards and of course they played against themselves, losing on purpose. This way they were able to launder the money. Again its pretty clever because if someone comes asking about all their money, they can prove they won it at poker.

    They laundered close to about two million euros. And the really weird part is what they did with the money. They took the money back to online shops and bought stuff like hiking boots, tents, knives, GPS devices, radios...

    And then they would use couriers to ship those goods to Iraq.
     
    4 people like this.
  2. Mar 11, 2008
  3. Zoozie

    Zoozie Ueber Meister CAG PABnonaccred

    Occupation:
    Software Developer
    Location:
    Denmark
    No, it was nothing like this at all. The Absolute cheating scandal was an insider job with no Trojans involved. The cheater could see all hole from all players.

    The only plausible explanations are still:
    1) Superuser account
    2) Hacking into the server accessing run-time data/logfile. And this was only successfull because Absolute poker also made the gigantic blunder of logging/means of access to the run-time data before a hand was over.
     
    1 person likes this.
  4. Mar 11, 2008
  5. maxd

    maxd Complaints (PAB) Manager Staff Member

    Occupation:
    The PAB Guy
    Location:
    Saltirelandia
    Very interesting article though, thanks for posting it Jetset.

    AFWIW, "superuser" accounts are standard practice in almost every field of software development on the planet -- telecommunications, operating systems, games, enterprise management systems,etc etc, you name it -- so the question at AP is much more realistic if you ask "do he have superuser access?" rather than "was there a superuser account that he could have used?" Assume that superuser access does exist and you'll putting pretty close to par.
     
  6. Mar 11, 2008
  7. Mousey

    Mousey Ueber Meister Mouse CAG

    Occupation:
    Pencil Pusher
    Location:
    Up$hitCreek
    I don't for a minute think that's what happened at Absolute. However, it could very well be something similar that happens at any given poker room on any given day.

    It also could be something similar (trojan/keylogger/bot drone) that enable(d) persons unknown to empty players accounts. (About which we have still heard little or no explanation.)

    So, while playing against a poker bot is not in itself a losing situation, playing against a bot who is in contact w/a 'sister' bot on your computer, however, is. (And believe me, I know from experience, firewalls and anti-virus apps out the ying-yang are not always enough to prevent infection.)
     
  8. Mar 12, 2008
  9. maxd

    maxd Complaints (PAB) Manager Staff Member

    Occupation:
    The PAB Guy
    Location:
    Saltirelandia
    Ok, totally OT but ... love the avatar Mousey! :thumbsup: "Mission Im-Mouseable". :D
     
    1 person likes this.
  10. Mar 12, 2008
  11. thisisvegas

    thisisvegas Dormant account

    Occupation:
    Affiliate & Casino Manager
    Location:
    Canada
    I think this guy's company is trying to ride some free media exposure on the Absolute scandal. He is right in that there are programs out there to try to watch player activity. I think in the near future most poker software will be able to detect odd behaviour and you can thank professional poker players for being able to uncover these cheats.

    What happened at Absolute Poker was a super user account and an inside job. The super user was able to knock off pros and I find it highly unlikely that a professional online poker player would have any sort of virus or trojan on their computer. They care more about their security than anybody else especially with the amounts they have in their accounts. On top of that it is easy to see something funny happen when the player is involved in nearly 100% of the hands.

    Also the comments about these poker companies allowing money to be laundered or used for terrorist activities is another joke. He is either playing off of fears or just trying to ride the bandwagon. Send this to twoplustwo forums and see him get eaten alive.

    John
     
    2 people like this.
  12. Mar 12, 2008
  13. swampwitch

    swampwitch ProfessionalUnderachiever

    Occupation:
    Independent craftsperson specializing in chenille
    Location:
    Iowa, dammit.
    I'd be more apt to give this serious consideration if this had been brought to light by anyone other than someone who makes their living from computer vulnerabilities.

    Why would a professional big money player use a tool, especially one sent to him by a rival player? Why doesn't the article name the player?
    Notice F-Secure didn't have a problem giving the name of Tariq Al-Daour..but leaves out the pertinent fact that the stolen credit card numbers he used when opening up casino and poker accounts were not obtained through vulnerabilities of the poker sites themselves.
     
    1 person likes this.
  14. Mar 12, 2008
  15. The Ronin

    The Ronin Dormant account

    Occupation:
    Semi-pro poker player.
    Location:
    Back East
    I agree with thisisvegas: Seems like a bit of a stretch to go from:

    You must register/login in order to see the link.

    To this:

    Now granted their might have been some other article that I haven't seen that validates the poker player angle in the news story. If not, it does seem alarmist in nature, and stretching the truth to sensationalize a more simplistic view of what really happened.

    What looks like really happened, horrible as it was, is he sole the funds from gambling and possibly poker player accounts. Plain and simple.

    Also adding the:

    Wrong. And their guilty pleas and or verdicts do not support that statement. They did the same thing every other cyber crook does when they get hot numbers. Shop till you drop, or max out. Fence the goods, usually on ebay, and use the cash for whatever you want.

    These knuckleheads used the money to set up websites inciting terror. Unless it was reported, and the convictions mirror the claim or report, one must again assume it is false.

    These guys are thieves, nothing more. Their political and religious views aside, they are simply thieves. And I thought according to their religion they are supposed to lose a hand for stealing :thumbsup:

    Linking teror, poker and al-qaida etc (intentional mis-spellings) makes for a snazzy flash news article. The truth is much less flashy.
     
    2 people like this.

Share This Page