Hacked!

Tuesday, 1 October 2013

Eve Goodman looks at how we can defend ourselves against high-tech cheats.

In Wild Bill Hickok’s day, gunfights and robberies over the card tables were a common and often highly dangerous occurrence. Poker players had to be constantly vigilant and aware, lest they see their hard-earned winnings disappear before their eyes. While nowadays it’s unlikely that winning some big pots will see you dodging bullets from a gaggle of disgruntled cowboys, modern players are nonetheless faced with a whole new host of serious potential threats to them and their money.

An all-too-real example of this is the shadowy phantom of the online “superuser”. Defined as an online poker account that is able to see an opponent’s hole cards in real time, a superuser has the ultimate ability to cheat and defraud other players out of huge sums of cash. Such a scam first hit the headlines in 2007, when a pro playing on Absolute Poker lost the heads-up battle of a $1,000 buy-in tournament to a user with the alias ‘Potripper’.

‘Potripper’ exhibited some very unusual play indeed – every time, he seemed inexplicably to know whether his opponent genuinely had a good hand or was bluffing. He even called down a large bet from his opponent with a measly ten-high and was right. The defeated pro in question was suspicious, and requested a hand history from the site, which led to Absolute Poker “accidentally” (although many suspect it was a deliberate decision made by a whistleblower) replying with an Excel spreadsheet containing a wealth of incriminating details. After much investigation, it was found that a certain person observing the tournament table could see all hole cards, and had been duly relaying them to ‘Potripper’. It is suspected that employees of Ultimate Bet/Absolute Poker stole in excess of $50 million from their customers using similar techniques.

The revelations sent shockwaves through the poker community. Suddenly the people who’d staunchly insisted that online poker is rigged – you know, those same people who you’d previously assigned to the same mental category as the tramp on the street who claimed to be the reincarnation of a new alien roller-skating super-Jesus – didn’t seem so crazy after all. But this was way back in 2007… surely improved technology and awareness since then has solved the problem, right?

Wrong.

Paranoia about being super-used has arguably never been higher, and with good reason. This time, however, the culprits are often individual players. In May of this year, high-stakes grinder Douglas “WCGRider” Polk posted on Two Plus Two forums about his experiences after realising he’d been super-used. In this case, Polk lost around $35k to an unknown “fish” known as “Forbidden536”, before uneasily making the decision to quit playing. He promptly contacted PokerStars, who investigated and eventually replied that they were “sure beyond any reasonable doubt” that Polk’s opponents could see his hole cards.

In the same post, Polk revealed that he believed he knew who was behind the crime – a UK grinder by the name of Joshua Tyler, who had been introduced to Polk by nosebleed legend Daniel “Jungleman” Cates. Tyler had stayed at Polk’s Vegas home for a few nights while in town for a meeting, paving the way for some rather strange developments to unfold.

“One of my roommates saw Josh go into my office,” said Polk. “The office is only accessible if you walk through the master bedroom into a balconied hallway that leads to it; the office is the only room in this area. My laptop is stored in my office, and is my exclusive computer used for poker while travelling. I don’t understand why Josh would be in my office to begin with, or what happened while he was there.”

Polk concluded that all the evidence pointed towards Tyler covertly tampering with his computer, thus leading to him being super-used. However, Tyler – who could not be reached for comment – has since posted in the same thread strongly protesting his innocence. As it stands, the evidence is insufficient to prove Tyler’s guilt in the matter.

Having said this, whether Tyler is innocent or not does not change the fact that SOMEONE planted illicit software on Polk’s computer.

Commendably, PokerStars made sure that Polk was swiftly refunded his money. However, even though the funds had been returned, Polk and many other players were left with a sour taste in their mouths. The chilling reality is that “Forbidden536” was only discovered for one reason – he was careless. If he’d made a few fewer outrageous hero calls and unbelievable laydowns, perhaps even losing a few pots on purpose, then Polk might never have become suspicious. The more subtle a superuser is, the more money he stands to gain in the future – and a victim could easily end up down hundreds of thousands without ever suspecting anything untoward.

Just months after Polk told his story, a new hacking scandal exploded, shaking the poker community to its very core. It began when Jens “Jeans” Kyllonen, a high-stakes regular, posted an urgent warning on Two Plus Two forums to any poker players staying in the Hotel Arts during the 2013 EPT Barcelona.

“For now both for me and Ignat Liviu (0human) the same thing happened,” wrote Kyllonen. “Roomkey doesn’t work, go down to reception for a new key, come to the room to notice the laptop missing, go back down, in less than 10min go back up, and the laptop has reappeared. We are for sure not the only ones. Tell everyone you know at Barcelona arts to not play on their laptops.”

In a follow-up post, Kyllonen described the experience as “one of the most disturbing things I’ve gone through”, explaining his strong suspicion that someone had broken into his hotel room in an attempt to plant a Trojan on his laptop. After appealing to the hotel management for answers and being repeatedly fobbed off, Kyllonen was close to giving up when a chance meeting with Ignat ‘0human0’ Liviu in an elevator changed everything. The two got chatting, and incredibly, Liviu’s laptop had been stolen too. The similarities between their individual cases were blatant, and the two were spurred on to investigate.

In the wake of Kyllonen’s post, other poker players began popping up with similar accounts. Typically, most of the stories had common elements, involving faulty room keys and odd phone calls enquiring when the room would be free for cleaning. Some players even reported noticing small (but abnormal) details on their laptop screens when they were booted up (Kyllonen posted snapshots of the screens that came up upon turning his laptop on, pictured).

Fortunately, Kyllonen knew just how serious the implications of being hacked could be. “A close friend of mine had this happened [sic] to him and lost 300,000 euros before taking his computer to an expert to notice it was contaminated,” said Kyllonen. “I was extremely lucky to come back to my room at the right time so that a crime this serious did not work for me.”

It is likely that there were others who were not quite so lucky, however. Although there were very few cases where players actually saw their laptops disappear and reappear again, it is nonetheless probable that many other players were targeted – some of whom may not have seen the warning until it was altogether too late.

So what can be done to combat the problem? The phenomenon of the rich poker player being targeted by thieves is obviously nothing new. However, many pros admit to being worryingly careless with their laptops, considering that this one machine effectively holds the key to their whole bankroll. To add to this, hackers are designing malware that is becoming progressively more sophisticated. There is also no way to determine the rate of infection, since a successful infection is by definition one that has gone undetected.

Having said this, there are some precautions you can take to drastically reduce your vulnerability to this kind of attack, such as disk encryption and a complex system of passwords (see Keep Yourself Safe, below). When you consider that it is your livelihood that is at stake, it is unquestionably worth doing a thorough job. It’s a sinister reality that high-stakes players are being increasingly targeted by online fraudsters, and the potential money to be lost in such schemes is staggering. All players, particularly those who frequent the highest stakes, should take a few big blinds out of their bankroll to pay for some proper security equipment – or potentially suffer the consequences.

Overall, poker has come a long way since ol’ trigger-happy Bill Hickok’s day. There have never been more variants available to play, and more ways to play them; when finding a game, you can choose from a huge range of destination casinos, or even just stay in the comfort of your own home. You can choose who you want to play, and even how much you want to reveal about your own identity. However, some things are still very much the same. Most of the best poker players of our generation publicly enjoy their financial successes, the gleaming luxuries of decadence blinding them to the fact that they now have a cross on their back and a potential enemy lurking in every corner. Nowadays we may have HUDs, training sites and the ability to open 30 tables at the click of a button – but make a few bucks and it’s still the Wild West out there.

Keep Yourself Safe

1. Use secure passwords for all accounts

Use a good-quality password manager such as KeePass, which will automatically generate high-strength passwords for you. All your password information will then be stored inside an encrypted database, which you can access with one Master Password (the only one you need to memorise).

2. Get full disk encryption

You can purchase a range of programs that will fully encrypt your entire hard drive, including the operating system, applications and data stored on it. Without the encryption key, which is required upon starting up your laptop, hackers will be locked out of your system.

3. Make it physically secure

This one is not as hi-tech, but can be equally important. Consider investing in a durable security case for your laptop that makes it physically difficult to access.

4. Don’t let anyone else use your computer

This may seem like an obvious one, but don’t lend your laptop to anyone, even friends. It may seem OTT, but in the interests of laptop security, the only person you can trust on your computer is yourself.

5. Keep poker separate

If you play for a significant enough amount of money online, you might want to consider investing in a separate laptop for poker. If you play on one computer and keep your internet browsing/video gaming/Skype activities to the other, this reduces your risk of attack from hackers.

Help - I think my laptop could be infected!

If you have reason to think that there is a chance your laptop could be infected with dangerous malware, DO NOT play poker on it or connect it to your home network. Take it to an expert in computer security and have them look at it. Virus scans are often not thorough enough to detect well-hidden malware, and it will be much more effective to have a trained human, who will instinctively recognise anything suspicious, take a look.



