Open Side Menu Go to the Top
Register
new HSNL scammers crushing FTP new HSNL scammers crushing FTP

05-01-2010 , 04:41 AM
This is a lot of information and will be updated once a few key people add info. Any new info would help. Overall this is a disgusting situation and hopefully people can avoid these things in the future and scammers will lose their accounts.

Recently Alladiin on ftp (25/50 plo reg) contacted my roommate (react1on) asking for coaching. He suggested "teamviewer pro" and linked a BS site that was a copy of the real teamviewer site. The site linked to a trojan download disguised as the teamviewer application.

Yesterday Alladiin contacted me on aim (his aim being Johancederkrantz) offering to play me in chess for money. He linked "club-chess.com" which is a clone of chessclub.com, a very famous site that is legitimate. The site club-chess.com was registered yesterday. Of course the site again links to a trojan that would most likely be used to see my screen. I pointed it out to him and he had a very defensive response then logged off.

MicahJ reported the same thing(coaching scam) and has been getting crushed by alladiin since he mistakenly downloaded the nonworking application in december.

He gave the aim out while playing 25/50 plo to talk to react1on about coaching. So it is 100% that the aim matches the player. The scam started instantly so its not a situation where the aim was compromised.

After talking to some people about the players, they said that they had downloaded something linked to them. This was followed by gruesome sessions where they were absolutely brutalized by a few fishy players.

Jas11 (jasjas11 on stars) got an aim from paymenot (stars sn) linking him to a video that never played (was just some .exe dl or something). immediately after he got crushed by the accounts: bad_gateway and alladiin on ftp. On stars: saman_R and WestisBestis on stars. saman_R and westis are low stakes plo 6max players that decided it was time to take a 25/50 nl shot. Jas says that paymenot even encouraged him to play bad_gateway, saying he was really bad at plo ect. Jas thinks that pokerfatman is a multi-acc of bad_gateway, but that isnt confirmed. He took his comp to a tech-savvy friend and found out there was a remote-desktop trojan on his computer and his comp was compromised.

I just learned about this today so i havn't discussed it with some other people who i suspect were scammed by these guys. I think it is likely that ADZ was scammed for >70k by paymenot. Kadabra was likely scammed by the alladiin/bad_gateway team for a huge amount. And i suspect dog was scammed by the bad_gateway multi account pokerfatman.

The hand histories between these players and the scammers are beyond absurd. Every big pot won by kadabra vs bad_gateway is a huge suckout. The HHs really look like he can see the screen. These guys are really bad and seem to only lose pots to huge suckouts or suprising hero calls (by the victim).

Again I just started looking into this today when he tried to scam me. I will add info as it comes but this is it for now. Any info is appreciated.
05-01-2010 , 04:49 AM
Have you emailed the sites? Getting these accounts frozen before they can cash all this out is important.
05-01-2010 , 04:54 AM
unfortunately the stars accounts disappeared and pokerfatman was frozen(i think) bad_gateway and alladiin are still working i think and people should email this to them.
05-01-2010 , 04:59 AM
Zergums my roomate and I can confirm that everything posted is what we know to be the truth so far, and it seems really clear to me that cheating was occurring.

I really want to stress how important it is for people NOT to click links from people they dont know, and not to DL programs from people that they dont trust/met at poker tables. Also having a good AV that could potentially alert you when you're at a webpage with a trojan etc. (I dont know much about computer security so im not the person to ask for suggestions, I use Kaspersky though.)
05-01-2010 , 05:01 AM
Quote:
Originally Posted by Apathy
Have you emailed the sites? Getting these accounts frozen before they can cash all this out is important.
this is most crucial.

also jesus do NOT download random .bat or .exes jfc
05-01-2010 , 05:05 AM
Kadabra says he thinks someone tampered with his computer during PCA. Right after the bahamas he got crushed by bad_gateway and the hands were very suspicious.
05-01-2010 , 05:15 AM
wow this is really unfortunate. thanks zergum and react for helping to uncover this. good luck to everyone getting it sorted out.
05-01-2010 , 05:23 AM
It's possible that ozzy_87 was scammed as well. Bad_gateway looks to be game selecting really well, only playing when he can see someones cards HU or at 6m. https://www.pokertableratings.com/re...hash=522511808

all the hands are really sketchy, just so sick how he just owns people by 4betting aj vs kj and a9 vs a8 ect ect ect.

Last edited by Zergum; 05-01-2010 at 05:41 AM.
05-01-2010 , 05:54 AM
jesus
05-01-2010 , 06:25 AM
To stress the importance of any information about alladiin/bad_gateway, nearly everyone mentioned was scammed for atleast 100k. These guys are pond scum. plz help by posting anything you know about these guys/reviewing HHs

forgot to mention this in the OP but after our scheduled chess money match or w/e this guy was asking for he wanted HUNL at the highest stakes i'd play, saying he was a "business man who plays poker for fun"

Last edited by Zergum; 05-01-2010 at 06:36 AM.
05-01-2010 , 06:31 AM
wow, that is insane
05-01-2010 , 06:49 AM
I think its pretty likely that paymenot (stars) is or knows bad_gateway/alladiin (ftp), as they seem to be emptying the victims stars and ftp accounts
05-01-2010 , 07:23 AM
Seems to be rife the last few weeks this sort of stuff, as you can see the thread about Micah questioning about his account, puts people into doubt and ruins trust.
05-01-2010 , 07:26 AM
this is completely different from the Micah thread. Pretty sure that Micah's fulltilt account (im not sure about this but seems very probable) is not compromised, but rather his computer, that was a misunderstanding about vig%s while this is people deceiving high stakes poker players into clicking links posing as legitimate sites and using that to put trojans->get holdecard info and scam hundreds of thousands by crushing opponents whos holecards the hacker could see.
05-01-2010 , 07:41 AM
and you'd thought hsnl will be smarter then just clicking a link & d/l a program..

I guess the guy had some kind of moral aurora being a 2550 reg, but c'mon, check what your computer eats before you are feeding him with executable files from the world wide web.

edit: btw, my zonealaram alert me immediately when I load club-chess.com .

Last edited by stickychips15; 05-01-2010 at 07:47 AM.
05-01-2010 , 07:54 AM
im pretty sure people arent clicking and downloading programs. once you click the link the bogus site, your computer just instantly downloads it.
05-01-2010 , 08:14 AM
Quote:
Originally Posted by Zergum
Yesterday Alladiin contacted me on aim (his aim being Johancederkrantz) offering to play me in chess for money. He linked "club-chess.com" which is a clone of chessclub.com, a very famous site that is legitimate. The site club-chess.com was registered yesterday. Of course the site again links to a trojan that would most likely be used to see my screen. I pointed it out to him and he had a very defensive response then logged off.
Was this just some random who IM'd you looking to play chess for money? If so, why would you ever click a link from him???
05-01-2010 , 08:17 AM
Quote:
Originally Posted by Daddy Warbucks
Was this just some random who IM'd you looking to play chess for money? If so, why would you ever click a link from him???

No, just like it says in OP the person who contacted me was Alladiin on FTP a HS plo/nl reg. He had previously asked my roommate for PLO coaching and got my aim through him.
05-01-2010 , 08:20 AM
Quote:
Originally Posted by jcmoussa
im pretty sure people arent clicking and downloading programs. once you click the link the bogus site, your computer just instantly downloads it.
I'm pretty sure it doesn't and they are downloading it. If your computer is actually downloading and executing code automatically then you've probably turned off autoupdates for some reason and are running a very old version of your browser.
05-01-2010 , 08:21 AM
Ah okay, i wasn't sure if you'd made the link before the conversation started.
05-01-2010 , 08:21 AM
I have played quite a bit of heads up PLO against both of these accounts and I believe I have done very well against them, I would be surprised if they could see my cards. They both sucked pretty bad as well. I will go through my hands later to see my results and if there was anything fishy going on.
05-01-2010 , 08:30 AM
Quote:
Originally Posted by cts
I have played quite a bit of heads up PLO against both of these accounts and I believe I have done very well against them, I would be surprised if they could see my cards. They both sucked pretty bad as well. I will go through my hands later to see my results and if there was anything fishy going on.
Both players are seemingly pretty bad, but Alladiin has played abunch of people and at the end of the session he asks for coaching or something similar.

The scary thing is he is actually cloning real websites and adding his own trojan to do these scams. They appear sophisticated and legitimate, but really they are copies of real sites.
05-01-2010 , 09:22 AM
basic advice:

when linked to software by someone you don't know over the internet, even when it seems legitimate, just google the software name and get there from the google link.

this prevents new/unknown/fake sites, and should cover 99% of the cases.


although very unlikely - even if the link seems legitimate from a website you know (e.g. www.twoplustwo.com/something.exe), had the hacker successfully gained basic entry to the twoplustwo domain, he could plant a file on their servers without getting noticed/exposing the fake file on the site itself.
05-01-2010 , 09:25 AM
Quote:
Originally Posted by gorgeouss
basic advice:

when linked to software by someone you don't know over the internet, even when it seems legitimate, just google the software name and get there from the google link.

this prevents new/unknown/fake sites.
100%. I tried doing this with the teamviewerpro site and the fact that it was nowhere to be found on google, just the actual teamviewer site, really sketched me out.
05-01-2010 , 09:55 AM
http://www.pokerXtableratings.com/fu...ch/bad_gateway

seems like a reasonable 2550 NL winrate... if you played scout all day

      
m