|
|
09-11-2009, 01:30 PM
Post subject: String of recently hacked accounts, PROTECT SELF ASAP
|
#1 (permalink)
|
|
|
|
I recently had my account hacked and $12-13k (my entire online roll) was dumped at hightakes. The security investigation is still underway.
I notice there has been a string of recent attacks with some important similarities:
Some if not all of us were breached by the hacker gaining access to our pokersite-linked email accounts and using those accounts to reset our poker password.
lesson: immediately create a new email address, as secure as possible, and use it ONLY for your pokersite. Ensure this new address has no connection whatsoever to any other account, website, etc INCLUDING LISTING A SECONDARY EMAIL.
Some if not all of us had forum names that matched our poker names or email accounts, or had our SNs outed on the forums.
Lesson: change your account information on poker forums so it definitely gives no information to hackers. Preferably lie your face off, then create a new forum account. Sucks if you have 5000 posts and are well known, but if it might prevent this happening to you, it's worth it.
None of us had the stars RSA token.
Lesson: Get it. Now. Someone or some group IS actively trying to access the accounts of winning players, and that (hopefully) means you.
Many/all of us had decent antivirus/firewall software.
Lesson: this is not enough. The information needed to access our accounts is being found one way or another. Do EVERYTHING you can to plug security leaks. Become paranoid. I'd compare these attacks within the relatively small poker pro community with having a rapist/murderer/arsonist living in your quiet mountain village. And that would make me pretty damned justifiably paranoid.
All of us had more money online than we really needed. I play mostly 100nl and sometimes 200. I had over 60 buyins at the highest stake I play, which is not necessary.
Lesson: Your money is safer in a bank than it is in your poker account, PERIOD.
|
|
|
Play for FREE and practice your game at...
Join the FTR Poker Forum to disable these banners and start posting!
|
|
oskar
|
|
4-of-a-Kind
Join Date: Apr 2008
Location: in ur accounts... confiscating ur funz
Posts: 2,452
|
|
oh crap... good luck with that.
And thanks for the warning... and you're right... I have much more than is necessary online too. Will cash out asap.
|
|
The strengh of a hero is defined by the weakness of his villains.
|
|
pokerfan
|
|
4-of-a-Kind
Join Date: Jun 2007
Location: NS, Canada
Posts: 1,736
|
|
Wow,so sad to hear about this story.Did pokerstars give your stolen money back? Personally,I never type password from the keyboard and always use additional security code to log in to my account.Also,I think that you really put too much money in your account on stars. Hope you get your money back ASAP.
|
|
|
|
Warpe
|
|
Moderator
Join Date: Sep 2005
Location: Canuckistan
Posts: 3,905
|
|
Keeping your SN secret is less important than keeping your e-mail addy under wraps. Remove it from your FTR profile if you have it posted there. Hackers have mined FTR and other forums before for this information.
Time for a bump:
http://www.flopturnriver.com/phpBB2/...55.html#676608
|
|
|
|
Jason
|
|
Full House
Join Date: Dec 2004
Location: TN
Posts: 883
|
|
I worry about this. I don't like the fact that my poker account uses my screenname as my login name. A hacker can just sit there and try to guess your password. There should be an option for your LOGIN name to be something different than your screename. I also agree securing your email connected to the account is critical. Unfortunately, the hacker has two avenues to hack to gain access to your account - the site with your username and your email.
|
- Jason
 
|
|
flomo
|
|
Full House
Join Date: Mar 2006
Location: mashing potatoes
Posts: 878
|
|
that sucks.
sorry for your loss.
|
Quote:
Originally Posted by bigred
Protect dog
|
|
|
mcatdog
|
|
4-of-a-Kind
Join Date: Oct 2005
Location: St. Louis
Posts: 3,654
|
|
That sucks. The most important advice in this thread is to get a pokersite only e-mail address and get an RSA token. Anyone who doesn't at least do this is just asking to get hacked.
Having a public screenname has some nice benefits and I don't think it's worth it to hide your names.
|
|
|
|
Jason
|
|
Full House
Join Date: Dec 2004
Location: TN
Posts: 883
|
|
Explain how the RSA token works. Does it ever expire?
|
- Jason
|
|
daven
|
|
Straight Flush
Join Date: Aug 2007
Location: soaking up ethanol, moving on up
Posts: 5,814
|
|
that sucks dude
Quote:
|
Originally Posted by Jason
Explain how the RSA token works. Does it ever expire?
|
http://en.wikipedia.org/wiki/SecurID
Stars has this, FT don't. I don't know about the other big sites.
Full Tilt have the option of using your e-mail address to log in + adding a 3-card pin to your account login process. Just click "security" in the client.
I'm about to look at the options on party now, cos that site/account feels most vulnerable.
|
|
|
|
Miffed22001
|
|
Straight Flush
Join Date: Jun 2005
Location: Marry Me Cheryl!!!
Posts: 8,181
|
|
without knowing who has been hacked -
are they all players who are the top winners in games that are followed by pokertableratings ?
Too much advertisement of how much money youre going to have in your account - best argument yet to have that site shut.
Really bad to see this has happened to you - hope you recover from it quickly
|
|
|
|
Shifubowa
|
|
Straight
Join Date: Sep 2007
Posts: 193
|
|
Quote:
|
Originally Posted by daven
I'm about to look at the options on party now, cos that site/account feels most vulnerable.
|
Coming soon.
|
|
|
|
BankItDrew
|
|
4-of-a-Kind
Join Date: Oct 2005
Location: Losing Prop Bets
Posts: 2,789
|
|
Quote:
|
Originally Posted by Miffed22001
are they all players who are the top winners in games that are followed by pokertableratings ?
Too much advertisement of how much money youre going to have in your account - best argument yet to have that site shut.
|
I couldn't agree more.
It's no ones business but my own unless I wish to disclose the amount of money I have or don't have in any account anywhere.
|
Girlfriend: Why are the werewolves more important than living life?!
Girlfriend: Are you on the forums doing the werewolves again?
Girlfriend: Soo... you forgot to run that errand, but you had time to werewolf? Wtf?
|
|
jyms
|
|
Tilting Mod
Join Date: Feb 2006
Posts: 4,837
|
|
My Party log in does not match my player ID on the tables. Nobody knows my Party log in name. So combining that with my eamil would be very tough. I also disconnected my email from my personal email as well and have a poker email only with a very intense password.
|
|
|
|
bigspenda73
|
|
Straight Flush
Join Date: Jul 2006
Location: Pwnsylvania
Posts: 7,546
|
|
Seems like it's a lot of 10-20k accounts that get hacked + chipdumped
I read on HSNL on 2p2 about HS players getting their AIMs hacked but it seems their stars accounts never get touched, not really sure if there's a point here, but it's interesting.
|
|
|
|
bjsaust
|
|
Straight Flush
Join Date: May 2007
Location: Ballarat, Australia
Posts: 5,842
|
|
Yeah, my stars/FT names are bjsaust, really disappointed I cant change them now. No money on them atm though, and I use secure passwords for all my sites (I left a site that wouldn't let me change my own password).
My Party display name and username are the same. I'm still not sure how Jyms got them different, I should look into that. Fortunately only a handful of people know my username there.
Party secure token would be awesome, I'd pay for that for sure.
|
|
Just playing to improve.
|
English
Deutsch
Español
Français
Italiano
Nederlands
Pусский
Svenska
06-01-2012, 11:03 AM White House Responds to Poker Players Alliance's Petition
Linear Mode
