You always think this won't happen to you

[minSim]

Today I opened up my PartyPoker account to play a session and say my balance being $0,53. Instantly stories of people telling their account got hacked and all their money was spewed away in a few games, came to my mind.
I fastly checked my account history, where I saw a cashout on the 30th of april of $800, about all the money that was on there......but I hadn't cashed out. Even faster I open up IE and go to Neteller.com. "Why can't I log on? This is getting serious." Even searching for my emailadress isn't working, on to the support page and let's call them.

After a few minutes of waiting I get a Neteller agent on the phone, on a crappy connection. I tell him my story and he instantly sees 2 days age my Neteller registration details have been changed and after that there have been 2 cashouts to a merchant account number. One cash out of $800, one of $550, the remaining balance of my Neteller account.
I tell the agent my account has been hacked and I haven't changed the registration details, or cashed out any money. The guy closes my account and tells me he'll send an email to their investigation department and I'll be contacted asap, though likely next week as it's friday already.
I hang up pretty shocked....how can this happen.

After a few minutes of calming down I go to the Neteller support page again and open up a Live Chat with another agent. In the end he's able to give me the transaction numbers of both cashouts, but he can't give me any useful information on the merchant the money has been send to, so I still can't contact them or anything. On my questions how often these things happen, and how often people get their money back, he says it doesn't happen very often and most of the time people timely get their money back, because Neteller is in good contact with most merchants.

Now I'm sitting here, with 2/3 of my bankroll being stolen. I have no idea how this could have happen, tho it is likely that this person has gotten access to my emailadress, as both my neteller account information as my partypoker login, are in there. But I am 100% sure I haven't given anybody the password, nor have I ever accessed it on a public computer or anything. It is a mystery to me how this could have happened.

Of course I changed all my passwords this evening, and opened a new emailadress and stuff. But I'm quiet devistated by it. I just got robbed 1300+...and it represents an enormous amount of hours playing and studying.

Has anyone of you ever occured something like this? Do you guys have any thoughts on my changes of getting / claiming my money back?
In Holland (my home country) we have a system where a moneytransfer from one bank to another can always be turned backwards within a few days. Does anyone know if something like this exists in international banktransfers / transfers with merchants?

[kingnat]

nope.. this is brand new information. No one on this site has ever been hacked eva... i mean serious.. we didn't go through near anarchy anytime in the recent past...


sucks to be you man... I 'm so careless with my info... i'm waiting to find both my kids are >$100k of debt..


GL

[bigspenda73]

http://www.flopturnriver.com/phpBB2/...hh-t69760.html

[spoonitnow]

I saw a cashout on the 30th of may of $800

wat

[minSim]

*April

[will641]

i got it 10x worse than you. i feel your pain though.

[Hawk]

OP, did you ever download poker tracked ide that is now assumed to be malicious?

[minSim]

i got it 10x worse than you. i feel your pain though.

I read your story through Bigspenda's link (i don't come to the community forum much). Amazing and awfull story. Is your case done now by PS? or are they still investigating things? I definately agree with ISF though that players should have the option to only be able to play from certain IP's.

Our cases are a bit different though, as your money has been 'spewed away' to other players and it's probably very hard to detect the real life persons who did it.

My money has been cashed out to a bank account/ merchant, which I assume will always be contacted to a real person, which I hope I (or Neteller) can claim it from. Besides that I wonder how fast a neteller cash out can get into someones hand, before one of the banks that are in between can freeze it.

[minSim]

OP, did you ever download poker tracked ide that is now assumed to be malicious?

I read a few lines about it in Will's thread, I'm not sure what it is.
If it matters, I have a legal pokertracker 2 (I got it through a PSO bonus, about a year back)....but I'm not sure that's what you mean.

[wufwugy]

im sorry man really sucks

theres a reason you got hacked. you got to have done something somewhere sometime. if hacking was easy enough to do without that kind of thing then a much more balla account would have gotten hacked imo

or maybe not

[pankfish]

Shady porn sites imo. Sucks to hear, good luck

[kmind]

Def. feel sorry for you. All this hacking shit is scaring the hell out of me.

[meeloche]

This sucks! I'm hoping since it was trough neteller you get your money back. Keep us posted.

[Jack Sawyer]

We need to get to the point on how you got compromised, and then to how to prevent it. We need everybody who gets scammed to perform a winaudit (google it), so we get to know what programs you have installed. Chances are, you unknowingly "clicked on something" and got fucked. We need to know which program this might be, and why it is not detected by local scanners.

We need to remain constantly vigilant.

[flomo]

expect more and more of this

[Halv]

Sucks to be you .

What email provider did you use? Not changing passwords that have been sent in clear text to your hotmail/gmail/yahoomail/etc is just asking for trouble.

[Seabass]

I'm sorry man.

I'm thinking about getting a separate comp for poker/banking only. I'm already very careful but then I read this and it springs to mind again.

[pantherhound]

i feel sorry and sick for you and will and anyone this happens to.

can i just ask, if i got another computer just for poker and used it for nothing else at all, does that mean there is absolutely 0 chance of anything like this happening?

[2_Thumbs_Up]

Sucks for you minsim. I hope you get your money back.

i feel sorry and sick for you and will and anyone this happens to.

can i just ask, if i got another computer just for poker and used it for nothing else at all, does that mean there is absolutely 0 chance of anything like this happening?

This is what I've considered doing. But no it doesn't completely remove the risk, but it certainly minimizes it. Make sure you have a firewall etc.

[minSim]

I've always been very naive in security stuff. I always thought me being behind a router with firewall was enough mostly, and not spreading around your email / passwords more or less did the rest. Also because I'm far from a high stakes player, I never expected to be a target of these things.

Yes HalvSame, I did use a Hotmail account for all my poker stuff.

I'm doing a Avast complete scan of both my desktop (mostly poker computer) and laptop. On my laptop nothing has been found, but on my desktop already a thing name "pwdump2" has been found, and the scanner is still going. Some googling told me this is a tool to either get or hack passwords....dingding. I have no clue how it got on my pc.

I haven't heard from neteller yet, so that will be next week.
I still hope that the cash being transfered means my money can be claimed back by Neteller from either the person or his bank.

Also, the Neteller agents told me the money was cashed out to a merchant account number. Can anyone clarify for me what a merchant is (I'm not familiar with the term, and can't get it clear through some googling)? Is it a credit card ? or a local bank? or?

I'm going to call my local police office today to ask if they can do anything.

I'll keep this thread updated.

[badgers]

WTF

I'm actually getting scared by all of this shit. Unlucky man...

[Jack Sawyer]

"pwdump2"

sounds like a script kiddie

run winaudit please, then format after savin the results.

also avast sucks, get eset nod (+ sygate or blackice pf), eset smart securiy or fsecure client security

forget about avast, norton, avg, etc.

[Jack Sawyer]

and best of luck to ya

[Miffed22001]

We need to get to the point on how you got compromised, and then to how to prevent it. We need everybody who gets scammed to perform a winaudit (google it), so we get to know what programs you have installed. Chances are, you unknowingly "clicked on something" and got fucked. We need to know which program this might be, and why it is not detected by local scanners.

We need to remain constantly vigilant.

so how do you know if you have something dodgy once you use this?

[Jack Sawyer]

We need to get to the point on how you got compromised, and then to how to prevent it. We need everybody who gets scammed to perform a winaudit (google it), so we get to know what programs you have installed. Chances are, you unknowingly "clicked on something" and got fucked. We need to know which program this might be, and why it is not detected by local scanners.

We need to remain constantly vigilant.

so how do you know if you have something dodgy once you use this?

because if it reports a program (or programs) you have no idea you even have, it will raise alarms
specially if it is currently running

i thought this would be obvious miffy


SiSoft Sandra is probably better, but is not free

[minSim]

Thanks Jack.

I ran the Winaudit thing the first time you mentioned it, but I didn't understand the results...it gave me some sort of complete list of alle the things on my computer, it didn't hit alarms or anything though.

Unfortunately I already formatted my HD before I read your second post. I will definately switch Avast with the things you mentioned though if you say it's better.

[Halv]

also avast sucks, get eset nod (+ sygate or blackice pf), eset smart securiy or fsecure client security

forget about avast, norton, avg, etc.

Please elaborate, I see both avast and avg recommended "everywhere".

[jyms]

i have been using AVG for two years now and have never heard a bad thing about it.

[badgers]

norton is secure no?

[minSim]

I phoned my local police department today. They couldn't really help me for now, as they sat it's very important how much responsibility/actions Neteller is going to take in this and to which country the money has been cashed out to (which I don't know yet).

So I have to wait until I hear something from the Neteller investigation department.

Also, the Neteller agents told me the money was cashed out to a merchant account number. Can anyone clarify for me what a merchant is (I'm not familiar with the term, and can't get it clear through some googling)? Is it a credit card ? or a local bank? or?

Could someone clear this up for me please?

[Jack Sawyer]

I wrote a detailed post about three times, but every time it didn't post, cause i was having bandwidth problems

Top 4 AV & Malware detectors:

Eset Nod
Kaspersky
Bitdefender
Norton (GASP! FUCKING BLOATWARE, THOUGH)

The trick about Nod, is that it can detect viruses before others get the signatures, by using some sort of advanced mumbo-jumbo. You will be very protected against viruses in-the-wild, as compared to other solutions. Its virtually silent, yet very effective, and has a very light memory footprint.
Norton, while some say is good, I find it being a bloated pice of crap, constantly nagging you, with a prohibitively large install. It also slows down your system considerably. Some time ago, if you were connected to an irc network and someone would type "start keylogger", everyone with norton would disconnect instantly lol (talk about false positives)

Avoid at all costs:

McAfee


Check out this (possibly biased, also old in internet time) chart:
http://www.pcworld.com/article/id,130869/article.html

[Warpe]

I'm doing a Avast complete scan of both my desktop (mostly poker computer) and laptop. On my laptop nothing has been found, but on my desktop already a thing name "pwdump2" has been found, and the scanner is still going. Some googling told me this is a tool to either get or hack passwords....dingding. I have no clue how it got on my pc.

From what I can find, this program can only be used to get at your passwords if you are running as administrator...so don't, in future.

[badgers]

Glad to hear norton is ok... I'm getting so paranoid atm. I sent a super-paranoid e-mail to Stars security, should provoke an amusing response.

Avoid at all costs:

McAfee

When I installed Norton and scanned for the first time I found so much crap McAfee had missed.

[wufwugy]

whats so bad about McAfee?

[wufwugy]

minsim, what browser have you been using?

[Jack Sawyer]

There is always one, isn't there

whats so bad about McAfee?

Avoid at all costs:

McAfee

When I installed Norton and scanned for the first time I found so much crap McAfee had missed.

[wufwugy]

i kinda doubt AV detectors will do much of anything wrt protecting the comp.

firewall, web browser, not clicking bad links, not downloading bad stuff, keeping secure pw obv, what else?

[Jack Sawyer]

i kinda doubt AV detectors will do much of anything wrt protecting the comp.

What you running? Linux? Os X?

firewall, web browser, not clicking bad links, not downloading bad stuff, keeping secure pw obv, what else?

Pray to Jeebus obv.

general web savvy will help, too
also, how do you know what stuff is "bad"? malware people go to great lengths to make their links appear completely legitimate to the average joe
also, phishing seems to be a hit too, but I can't see how phising will get your PP password
it has to be some sort of undetected trojan, which (probably a variant) also hit in will's case
without knowing each of their individual setups so we can compare (running processes and the like), its impossible to say for sure
[however, in minisim's case, both his PP and Neteller accounts got compromised, so we can safely assume a third point of insertion was used (probably keeps such sensitive data in one place, and this got breached, like he described his email), so no trojan needed I THINK]

[wufwugy]

i run vista

obv by 'bad' i dont mean they're not disguised. just more like we dont know what it is or where its coming from. like the difference between you linking something here than some 0 post count person. much higher likelyhood that the 0 post count one is bad.

its just that soemthing has to be done wrong for this to happen. we know what will did, but not yet minsim. obv this could be completely random and minsim did nothing wrong, but the likelyhood of that vs the former idea is very small, and i just refuse to default believe that its random.

anyways im emailing stars about setting up their software to allow for us to only log in from one IP. wouldn't this solve the problem?

[Jack Sawyer]

anyways im emailing stars about setting up their software to allow for us to only log in from one IP. wouldn't this solve the problem?

If you always play from one computer that has a single dedicated ip, then, yes
Not impossible, but much harder

If your ip-range is shared (Like most dsl subscriptions), then not really

[Pythonic]

This crap is getting out of control.

[Juked07]

Edit: So it turns out my idea was not original in the slightest and really was just spam.

[minSim]

I'm doing a Avast complete scan of both my desktop (mostly poker computer) and laptop. On my laptop nothing has been found, but on my desktop already a thing name "pwdump2" has been found, and the scanner is still going. Some googling told me this is a tool to either get or hack passwords....dingding. I have no clue how it got on my pc.

From what I can find, this program can only be used to get at your passwords if you are running as administrator...so don't, in future.

Yeah I read that somewhere too, so from now on I'll only do things on a 'user' profile. Are you still able to install things on a 'user' profile, or do you have to install it as an Administrator for all users?

minsim, what browser have you been using?

Internet Explorer 7. Better use Mozilla?

[minSim]

Jack, is it true that from the list of programs I should get one or more from, only Sygate Firewall is completely free, and all the others only have a 30 day trial period?

Or can you just download it again after 30 days?

[Jack Sawyer]

Most good ones are for pay, yes.
You'll have to settle with Sygate and Avast or Avg then.


As for browsers, I cannot give a recommendation, as I use about 5 on a daily basis. I like them all. I think I like Maxthon more than the rest, though.

I'll pm you some additional info.

[2_Thumbs_Up]

How is Maxthon compared to Firefox?

[Jack Sawyer]

I like it, a lot.

The problem I have/had with firefox is, that the more I browse, the bigger its footprint became. And I browse a lot, so after a while it would start weighing in at 850MB or so of my ram. I only got 2GB, and am an avid multitasker, so it slowed down my computer like a mofo.

Maxthon is light, and stays light.

So, I only use Firefox for lighter workloads currently. I heard that FF3 will fix this issue, but until then I stick with maxthon/opera/safari/ie7/ff in tandem

[wufwugy]

i guess i dont know about IE7, but IE over the last few years, and probably forever since then have been notorious for acquiring viruses. mozilla, otoh, has been known as the best for subduing attacks.

i dont know how accurate this is now, but it def was like this a few years ago. at least it was across all the message boards, and i got a shitton of spyware and such using IE but got rid of a ton after getting a firewall and switching to mozilla. not quite sure how that works, but it did.

so minsim, i dont think its a bad assumption that web browser makes a big difference. if you google 'best web browser' or 'secure web browser' mozilla comes up more than others. suggests its still numero uno

[silu73]

Shit this thing is really scaring me and sorry to hear about your problems minSim.

After reading will's problems I actually purchased Bitdefender just to make sure and I found 2 Trojan's which my previous AVG didn't pick up. According to Bitdefender's phone support they were not malicious but am still glad I got rid of them.

[silu73]

I also use on a regular basis:

CCleaner
Spybot
Trojan Remover
RogueRemover

Bitdefender does a few things the above mentioned programmes are doing but I still check from time to time.

I can also highly recommend NOD32 Antivirus which we have used at work for several years and has been working fine.

[minSim]

This is getting weirder and weirder. I just talked to two Party poker agents.

Conclusion was that the login at my PartyAccount when the 800USD were cashed out from my account, has been done from my own computer. That really can't be true...at least not without someone breaking in when I wasn't there.

Is it possible that some hacker can acces my computer from outside?...even when it's turned off?...or is it possible that somehow he logged in from his own computer, with my computer id (or how this shit is named)? I don't get it.

[Warpe]

OS? Windows XP Professional, XP Home or Vista? File sharing turned on?

It's quite possible that someone got remote access to your computer when you weren't there.