|
Full Tilt Account hacked for $40,000
I was alerted to this when I received an email from Full Tilt saying that I had changed my email address. I had not done this, so I immediately logged into my account and saw that it was empty.
I contacted support(through email because for some reason their security department does not have a phone number). Their security team looked into it and found that over the last three days (Fri, Sat and Sunday) someone gained access to my Full Tilt account and used it to play high stakes games. They bought gift certificates and then redeemed them back to my account(which was very weird and I'm still not sure of the purpose of that). Full Tilt investigated the play and apparently the money was not dumped to anyone in particular but was lost to multiple legitimate players. They determined that the logins came from foreign IP Addresses but were not able to recover any funds. They also do not reimburse players for fraudulent losses. I've conversed with them alot through email since this happened, here is a snippet of the most recent one: "The Gift Certificates, as mentioned in the first email, were redeemed back into your account. This is extremely odd, as I would have thought that the infiltrator of your account would have redeemed it into a different account. It simply makes no sense why this player would purchase gift certificates only to redeem them back into your account. That being said, your funds were then used within your account to play on the tables. All of your funds were lost to legitimate players and cannot be reimbursed. Unfortunately, Full Tilt Poker is not like a credit card company, we cannot be responsible for what occurs on your account and your funds are not insured by Full Tilt Poker." It appears that they accessed my email account as well and deleted the confirmation emails that were sent when they purchased the gift certificates. Because of this I did not realize what was happening until it was too late. I had all windows security updates running, an anti virus program, a software firewall, a hardware firewall and I never downloaded suspicious files/executables. I am not sure what more I can do. I went out and bought vista and new firewall/anti virus software but I really don't feel much safer. I am not sure what to do, I feel pretty helpless. I am going to contact the police today, but I'm not sure what their power is in this type of situation. Does anyone else have any suggestions or feedback?? Has this happened to many others? man feels like every time I post here, I'm posting something crappy that has happened [img]/images/graemlins/frown.gif[/img]. sol. |
Re: Full Tilt Account hacked for $40,000
This sucks. Before doing anything to your computer I would replace your hard drive and keep it. It's kind of a long shot but possibly the hacker left some evidence?
|
Re: Full Tilt Account hacked for $40,000
That sucks, try and find out how someone got onto your account.
|
Re: Full Tilt Account hacked for $40,000
already formatted the two I use regularly, that is a good idea though.
|
Re: Full Tilt Account hacked for $40,000
Get Keepass and you won't have to worry about anyone being able to hack your password.
|
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
That sucks, try and find out how someone got onto your account. [/ QUOTE ] Ya thats the one thing that stumps me the most, I still cannot figure out how they got access. I am not sloppy at all with security measures. |
Re: Full Tilt Account hacked for $40,000
Is there a FAQ for security measures?
|
Re: Full Tilt Account hacked for $40,000
wow sorry to hear about this man, I dont know if your rich or not but that is A LOT of money. Maybe it would be a good idea to keep less money in online poker sites from now on. Anyway, sorry to hear about that [img]/images/graemlins/frown.gif[/img]
|
Re: Full Tilt Account hacked for $40,000
I think it's a long shot, and I'm not sure what you can do about it, but is your FTP password the same as other passwords you use? For example, if you registered on some online site and used the same password as you did for FTP, then it's possible that the online site basically stole your identity. Most websites are reputable (2+2 for instance), but you never know.
They said that it came from a different I.P. address. ASK THEM WHAT IT WAS. You can find out the person's location, contact their ISP, and try your best to get the police to do something. $40K is a lot of money. Good luck. |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
Is there a FAQ for security measures? [/ QUOTE ] http://forumserver.twoplustwo.com/showfl...p;vc=1&nt=6 |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
Is there a FAQ for security measures? [/ QUOTE ] this is about all I could find on their site: "Banking and Transaction Processing - Real Money Full Tilt Poker conducts their banking and financial affairs in accordance with generally accepted standards of internationally recognized banking institutions. Full Tilt Poker follows and adheres to applicable laws pertaining to transaction reporting and anti-money laundering laws and regulations. Prize Payouts - Real Money Full Tilt Poker does ensure that there is adequate financing available to pay all current obligations and that working capital is adequate to finance ongoing operations. Full Tilt Poker does pay winnings and account balances promptly upon reasonable demand. Security - Real Money Section Full Tilt Poker Inc. uses 256-bit SSL encryption to protect sensitive information online, and also does everything possible to protect user-information off-line. All users' information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, a billing clerk or a customer service representative) are granted access to personally identifiable information. ALL employees are kept up-to-date on security and privacy practices. Every quarter, as well as any time new policies are added, employees are notified and/or reminded about the importance Full Tilt Poker places on privacy, and what they can do to ensure that user and member information is protected. Finally, the servers that store personally identifiable information are kept in a secure environment, behind a locked cage. For additional information, please refer to the Privacy Agreement on this site." |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
[ QUOTE ] Is there a FAQ for security measures? [/ QUOTE ] http://forumserver.twoplustwo.com/showfl...p;vc=1&nt=6 [/ QUOTE ] Very helpful for everyone, thanks. |
Re: Full Tilt Account hacked for $40,000
What makes you think the source of the security breach was your computer?
|
Re: Full Tilt Account hacked for $40,000
A possible explanation of the gift certificate thing was that the felon bought them intending to cash them out to another account, but then received some good advice / had second thoughts about the possibility of being tracked.
|
Re: Full Tilt Account hacked for $40,000
buy a mac
|
Re: Full Tilt Account hacked for $40,000
Has anyone had access to your PC? 40K is a lot of money to most people, and even those that you consider close aren't immune to jealousy. It's sad, but if you're more successful than your "friends," sometimes they feel bad about themselves and wish you harm.
It sounds like someone who know you was smart enough to gain access to your PC, and was also jealous of you. He/she also feared that taking the money would ultimately lead back to them, so they decided to use the opportunity to live it up like a high stakes gambler. You suffer, and in a sick way they feel good. I hope something like this isn't the case, but it's something you must consider. |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
What makes you think the source of the security breach was your computer? [/ QUOTE ] I don't know, full tilt says it wasn't them and told me it must be my computer(the generic default keylogger excuse). I can't think of anywhere else unless it was intercepted in transmission between servers. |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
A possible explanation of the gift certificate thing was that the felon bought them intending to cash them out to another account, but then received some good advice / had second thoughts about the possibility of being tracked. [/ QUOTE ] that makes sense |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
Has anyone had access to your PC? 40K is a lot of money to most people, and even those that you consider close aren't immune to jealousy. It's sad, but if you're more successful than your "friends," sometimes they feel bad about themselves and wish you harm. It sounds like someone who know you was smart enough to gain access to your PC, and was also jealous of you. He/she also feared that taking the money would ultimately lead back to them, so they decided to use the opportunity to live it up like a high stakes gambler. You suffer, and in a sick way they feel good. I hope something like this isn't the case, but it's something you must consider. [/ QUOTE ] Ya I sure hope that wasn't the case, I highly doubt it, but I am a pretty trusting individual. Maybe a little too much. |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
It appears that they accessed my email account as well and deleted the confirmation emails that were sent when they purchased the gift certificates. Because of this I did not realize what was happening until it was too late. I had all windows security updates running, an anti virus program, a software firewall, a hardware firewall and I never downloaded suspicious files/executables. I am not sure what more I can do. I went out and bought vista and new firewall/anti virus software but I really don't feel much safer. I am not sure what to do, I feel pretty helpless. I am going to contact the police today, but I'm not sure what their power is in this type of situation. Does anyone else have any suggestions or feedback?? Has this happened to many others? man feels like every time I post here, I'm posting something crappy that has happened [img]/images/graemlins/frown.gif[/img]. sol. [/ QUOTE ] Man that is awful! 40K is a lot of money to lose. You might not want to format your old hard drives yet. Might be useful as evidence or clues. Buying new hard drives might be better. Seems like you're pretty safe on security. Don't know what else you can do. |
MY FULL TILT ACCOUNT WAS HACKED!!!! TWICE!!!!!!!!!!
I am not reporting though, since the hackers lose less money than I do.
Nineinch |
Re: MY FULL TILT ACCOUNT WAS HACKED!!!! TWICE!!!!!!!!!!
[ QUOTE ]
I am not reporting though, since the hackers lose less money than I do. Nineinch [/ QUOTE ] haha if only that was the case with me [img]/images/graemlins/smile.gif[/img]. Apparently the guy went on and hit and ran sbrugby on my account for an almost 80K pot. Would have been interesting if I had logged on right after he did that. http://www.highstakesreport.com/repo...s-on-townsend/ |
Re: MY FULL TILT ACCOUNT WAS HACKED!!!! TWICE!!!!!!!!!!
[ QUOTE ]
[ QUOTE ] I am not reporting though, since the hackers lose less money than I do. Nineinch [/ QUOTE ] haha if only that was the case with me [img]/images/graemlins/smile.gif[/img]. Apparently the guy went on and hit and ran sbrugby on my account for an almost 80K pot. Would have been interesting if I had logged on right after he did that. http://www.highstakesreport.com/repo...s-on-townsend/ [/ QUOTE ] Timing is everything. /= At least we know that person probably wasn't losing intentionally... |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
[ QUOTE ] What makes you think the source of the security breach was your computer? [/ QUOTE ] I don't know, full tilt says it wasn't them and told me it must be my computer(the generic default keylogger excuse). I can't think of anywhere else unless it was intercepted in transmission between servers. [/ QUOTE ] Well, that would kind of be a 40k admission. Big surprise they say it wasn't them, I bet they stick to that story. |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
Get Keepass and you won't have to worry about anyone being able to hack your password. [/ QUOTE ] I have keepass, but I don't understand how it will prevent a hacker from keylogging you. For me, keepass is just a program that keeps all my passwords. Barrin6 |
Re: Full Tilt Account hacked for $40,000
I watched "you" hit and run against sbrugby and thought you were just some low-stakes player taking a shot.
The thing that gets me is that yes, you may have lost some funds to legitimate players, but surely some of the funds went into a fund that the hacker had access to in some way. What would be the point of this whole endeavor otherwise? Surely there has to be some way to figure out who the accomplice was that had the chips dumped to them. |
Re: Full Tilt Account hacked for $40,000
shahmat,
Where were you when this was happening? Would someone have access to your PC? It seems odd that this could happen over several days without you knowing. I would guess the person who did this knew you. Though he would probably have to know something about poker, too. What stakes do you normally play? Because it seems like they knew how much was in your account. I hate reading stuff like this. This stinks, sorry dude. |
Re: Full Tilt Account hacked for $40,000
If money wasn't dumped somewhere and they were doing it for kicks, it must have been easy.
|
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
The thing that gets me is that yes, you may have lost some funds to legitimate players, but surely some of the funds went into a fund that the hacker had access to in some way. What would be the point of this whole endeavor otherwise? Surely there has to be some way to figure out who the accomplice was that had the chips dumped to them. [/ QUOTE ] Those are exactly my thoughts. |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
shahmat, Where were you when this was happening? Would someone have access to your PC? It seems odd that this could happen over several days without you knowing. I would guess the person who did this knew you. Though he would probably have to know something about poker, too. What stakes do you normally play? Because it seems like they knew how much was in your account. I hate reading stuff like this. This stinks, sorry dude. [/ QUOTE ] Thanks, ya it's brutal. I think I may have been home when this happened, I'm not 100% sure, I'm still waiting to get the hand history details from full tilt so I can find out exactly when everything happened. They have been very slow on giving this to me. I did go out Friday and Saturday night for the majority of the night so I may have been gone at those times. But Full Tilt has told me that they logins didn't come from my IP Address but rather from quite a few different ones, in different parts of the country(Canada). I usually play 25/50NL, but had played very little this month on Full Tilt. |
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
If money wasn't dumped somewhere and they were doing it for kicks, it must have been easy. [/ QUOTE ] Ya I don't get it, what sort of kicks does someone get from that. I think some of it must have gone to one of their buddies. |
Re: Full Tilt Account hacked for $40,000
Someobody on the list made money off you that was not legitimate. I would goto the police, i would think if FT cooperated with all the info someone could put this together. Especially for 40k i think this is worth investigating.
|
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
[ QUOTE ] If money wasn't dumped somewhere and they were doing it for kicks, it must have been easy. [/ QUOTE ] Ya I don't get it, what sort of kicks does someone get from that. I think some of it must have gone to one of their buddies. [/ QUOTE ] You are talking about hackers. Many are blackhats that will spend hours hacking into a website just to toss up some brag posts or pics about it. They'd happily hack into an account to burn your $40k for the thrill of it. Ever play an MMO? There are grief players that will log 40 hours a week to do nothing but try to ruin other people's day. |
Re: Full Tilt Account hacked for $40,000
No no no. You don't target a random individual to get respect. You target the poker site. Working for hours prying open a single account is either personal or financial. Or, they didn't work for hours. Or it was a demonstration that they own ftp.
|
Re: Full Tilt Account hacked for $40,000
OP, sorry about your bad luck. Good luck trying to get it back.
How's this for a counter-hacking idea: If you choose to do so, you can contact the site and tell them not to allow your account to sit at tables above certain stakes. Certainly not foolproof, but it would take a lot more time/be a lot less fun for a hacker to blow $40k at $1000NL as opposed to $40,000NL or whatever. Just a thought. |
Re: Full Tilt Account hacked for $40,000
I don't think they target particular individuals. More like they toss out a net of trojans and haul it in every once in awhile to see what they've caught.
I've never been a hacker, but I've known plenty. Don't underestimate their desire to bring grief to random people just for the fun of it. |
Re: Full Tilt Account hacked for $40,000
how do you access the poker sites from your PC?
If the passwords are pre-completed on your PC (so you never actually type them in) then a trojan or hardware that logs keys pressed wouldn't record them. And does anyone other than you have access to the actual PC? If I had $40k online I would be using a fingerprint access system for sure... I would have kept the hard-drives and had an expert give them the once over. In the absence of issues there or a key-logger on the PC or anyone else having possible access then it looks like a breach at the site's end (assuming your passwrod is relatively secure). |
Re: Full Tilt Account hacked for $40,000
Am I missing something here or does it really seem like FTP accounts are always the ones that get hacked.
I have seen only one UB account hack post. I have not seen any PS account hack post. Always a FTP account thats been hacked. |
Re: Full Tilt Account hacked for $40,000
Sorry, I don't feel like digging up the link, but just a week or two ago, Raymer's Stars account was hacked.
|
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
[ QUOTE ] Get Keepass and you won't have to worry about anyone being able to hack your password. [/ QUOTE ] I have keepass, but I don't understand how it will prevent a hacker from keylogging you. For me, keepass is just a program that keeps all my passwords. Barrin6 [/ QUOTE ] Keepass and similiar software provides zero protection against keylogging. From their own site: [ QUOTE ] Is the Auto-Type feature resistant to keyloggers? No. And it also cannot be made keylogger-resistant. The Auto-Type feature has been designed in a way that it's impossible for target applications to distinguish real keys from auto-typed ones. This on the one hand has the advantage that the feature is really compatible with all applications out there. On the other hand, the auto-typed keys can of course be logged by keyloggers. If you worry about keyloggers, you have to use one of the other methods (drag&drop, copying to clipboard, KeeForm, browser integration toolbar, ...). [/ QUOTE ] Incidentally they're also incorrect on the latter part. Drag&drop, cut n paste, clipboards, etc also provide zero protection against keylogging. It is entirely trivial for a program to access whatever is currently stored on the clipboard. The fact of the matter is: once someone has managed to install software on your machine - you are finished. Don't rely on your antivirus/spyware protection or whatever else you have running. They rely on signatures and some relatively primitive heuristics which definitely provides some protection but not even close to absolute protection. The only protection you can absolutely rely on is yourself: don't download any software from p2p, don't visit questionable websites, don't install activex controls from arbitrary websites, etc, etc.. |
| All times are GMT -4. The time now is 05:59 PM. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2026, vBulletin Solutions Inc.