Sign Up For Card Player's Newsletter And Free Bi-Monthly Online Magazine

Online Poker Site GGPoker Outlines ‘Superuser’ Breach

‘Moneytaker69’ Account Banned From Site And Players To Be Refunded

Print-icon
 

The term “superuser” came into the lexicon during the cheating scandal surrounding poker sites UltimateBet and Absolute Poker in 2005-07, referring to an online poker account that could see other player’s cards. Some of that controversy returned on Friday after GGPoker admitted that a player under the name “Moneytaker69” had been banned from the site for a similar scheme.

After being alerted by members of the poker community, GG said the company recognized unusual game patterns and “abnormal game client packets” involving the player. Additionally, $29,795 in unfair winnings was confiscated, with tournament winnings to be determined.

“Our technical security team investigated the issue, identified a client-side vulnerability, and fixed what caused these unusual circumstances,” GG noted in a statement.

Details On The Security Breach

GG detailed some of the issues related to the security issue. Under certain circumstances related to the ‘“Thumbs Up/Down Table Reaction” feature, ‘Moneytaker69’ could customize his own game client.

This involved a decompilation of the Windows game client, interception of network traffic, and alterations to game packets. GG emphasized that the issue only affected the Windows client and that the player was never able to access servers, server data, or other players’ hole cards. However, the user was able to gain some advantages.

“Through this customized game client, he was able to deduce all-in equity by exploiting a client-side data leak vector,” GG noted. “Our engineers detected this vulnerability and issued an emergency update on December 16th to disable the Thumbs up/down table reactions.”

“However, the user was already in possession of the customized game client, which he blocked from receiving further updates, and was able to continue to accumulate the data leak during the flop and turn. Through this accumulated data, he could guess his win probability with reasonable assurance.”

The company has since issued security patches to prevent similar leaks and added ways to detect and prevent players from customizing the game client to their benefit.

“We sincerely apologize for the incident, which has caused many poker players to worry about the game’s integrity and shaken their trust in GGPoker to provide the best poker experience,” GG noted in the statement. “We take this incident very seriously and continue to work hard not to disappoint poker players. Additionally, we are actively recruiting to double the size of our technical security team and are enlisting help from renowned security professionals to ensure that online poker is safer than ever.”

Players React

The superuser discovery came on the 2+2 Forums on Thursday. A poster alleged suspicious behavior from ‘Moneytaker69,’ using an abnormal win rate, and erratic hand histories to support the claim.

Some players were pleased that GG offered such a thorough explanation while others were critical that it took the company so long to fix the security issue. Others questioned whether other users were able to exploit the flaw.

“Are you performing a thorough investigation to find other cheaters who used this exploit?” one Twitter user responded. “’Moneytaker69’ was one of many. It’s almost a certainty he would have shared it with a team. It’s a bad look to simply pretend the one player the public caught is the only cheater.”

This is the latest move by GG to ban players. In 2020, GG banned some players accused of “bum hunting” and other terms of service violations.