|
|
|
|
#1
03-27-2007, 02:46 PM
|
|||
|
|||
Full Tilt Account hacked for $40,000
I was alerted to this when I received an email from Full Tilt saying that I had changed my email address. I had not done this, so I immediately logged into my account and saw that it was empty.
I contacted support(through email because for some reason their security department does not have a phone number). Their security team looked into it and found that over the last three days (Fri, Sat and Sunday) someone gained access to my Full Tilt account and used it to play high stakes games. They bought gift certificates and then redeemed them back to my account(which was very weird and I'm still not sure of the purpose of that). Full Tilt investigated the play and apparently the money was not dumped to anyone in particular but was lost to multiple legitimate players. They determined that the logins came from foreign IP Addresses but were not able to recover any funds. They also do not reimburse players for fraudulent losses. I've conversed with them alot through email since this happened, here is a snippet of the most recent one: "The Gift Certificates, as mentioned in the first email, were redeemed back into your account. This is extremely odd, as I would have thought that the infiltrator of your account would have redeemed it into a different account. It simply makes no sense why this player would purchase gift certificates only to redeem them back into your account. That being said, your funds were then used within your account to play on the tables. All of your funds were lost to legitimate players and cannot be reimbursed. Unfortunately, Full Tilt Poker is not like a credit card company, we cannot be responsible for what occurs on your account and your funds are not insured by Full Tilt Poker." It appears that they accessed my email account as well and deleted the confirmation emails that were sent when they purchased the gift certificates. Because of this I did not realize what was happening until it was too late. I had all windows security updates running, an anti virus program, a software firewall, a hardware firewall and I never downloaded suspicious files/executables. I am not sure what more I can do. I went out and bought vista and new firewall/anti virus software but I really don't feel much safer. I am not sure what to do, I feel pretty helpless. I am going to contact the police today, but I'm not sure what their power is in this type of situation. Does anyone else have any suggestions or feedback?? Has this happened to many others? man feels like every time I post here, I'm posting something crappy that has happened [img]/images/graemlins/frown.gif[/img]. sol. 
|
|
#3
03-27-2007, 02:56 PM
|
|||
|
|||
|
Re: Full Tilt Account hacked for $40,000
That sucks, try and find out how someone got onto your account.
|
|
#5
03-27-2007, 04:29 PM
|
|||
|
|||
|
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
Get Keepass and you won't have to worry about anyone being able to hack your password. [/ QUOTE ] I have keepass, but I don't understand how it will prevent a hacker from keylogging you. For me, keepass is just a program that keeps all my passwords. Barrin6
|
|
#6
03-27-2007, 04:32 PM
|
|||
|
|||
|
Re: Full Tilt Account hacked for $40,000
shahmat,
Where were you when this was happening? Would someone have access to your PC? It seems odd that this could happen over several days without you knowing. I would guess the person who did this knew you. Though he would probably have to know something about poker, too. What stakes do you normally play? Because it seems like they knew how much was in your account. I hate reading stuff like this. This stinks, sorry dude.
|
|
#7
03-27-2007, 06:20 PM
|
|||
|
|||
|
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
[ QUOTE ] Get Keepass and you won't have to worry about anyone being able to hack your password. [/ QUOTE ] I have keepass, but I don't understand how it will prevent a hacker from keylogging you. For me, keepass is just a program that keeps all my passwords. Barrin6 [/ QUOTE ] Keepass and similiar software provides zero protection against keylogging. From their own site: [ QUOTE ] Is the Auto-Type feature resistant to keyloggers? No. And it also cannot be made keylogger-resistant. The Auto-Type feature has been designed in a way that it's impossible for target applications to distinguish real keys from auto-typed ones. This on the one hand has the advantage that the feature is really compatible with all applications out there. On the other hand, the auto-typed keys can of course be logged by keyloggers. If you worry about keyloggers, you have to use one of the other methods (drag&drop, copying to clipboard, KeeForm, browser integration toolbar, ...). [/ QUOTE ] Incidentally they're also incorrect on the latter part. Drag&drop, cut n paste, clipboards, etc also provide zero protection against keylogging. It is entirely trivial for a program to access whatever is currently stored on the clipboard. The fact of the matter is: once someone has managed to install software on your machine - you are finished. Don't rely on your antivirus/spyware protection or whatever else you have running. They rely on signatures and some relatively primitive heuristics which definitely provides some protection but not even close to absolute protection. The only protection you can absolutely rely on is yourself: don't download any software from p2p, don't visit questionable websites, don't install activex controls from arbitrary websites, etc, etc..
|
|
#8
03-28-2007, 12:10 PM
|
|||
|
|||
|
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
Get Keepass and you won't have to worry about anyone being able to hack your password. [/ QUOTE ] I get paranoid about programs like this, Roboform and others. On the surface it seems like a good idea, but what's to stop the creator of these programs from making something that sends all your information to them?
|
|
#9
03-27-2007, 02:59 PM
|
|||
|
|||
|
Re: Full Tilt Account hacked for $40,000
[ QUOTE ]
That sucks, try and find out how someone got onto your account. [/ QUOTE ] Ya thats the one thing that stumps me the most, I still cannot figure out how they got access. I am not sloppy at all with security measures.
|
 |
|
|
Hybrid Mode
