My points brought up above are not met to invalidate the current thread but to widen the perspective. On a side note, I think antivirus are a must on any computer but I would not rely on them to detect the poker specific malware.

Do not get me wrong, in the present case I do not specifically believe that the players are at fault for having malware (I do not call this a virus) installed on their computers. It may or may not be the case. I find that the evidence collected is especially strong showing an anomaly in win rate and unusual play. I applaud the work being done here and truly hope the truth comes out. I believe the task at hand is a big one.

I would like to post something on this interesting thread in order to
(i hope) better explain some issues that most people are unaware about.
I work in the computer security industry and also play poker online occasionally
(mostly omaha8 pl and nl holdem medium limits).

First of all i'd like to say that when the online poker boom happened, the
vast majority of poker players had few doubts about the integrity of the game
and showed remarkable trust to the major online sites. After all, why would
a site rig the deal if it made so much from rake ? That is of course missing
the point entirely because it is the wrong question to ask. As more 'incidents'
come to light, it becomes apparent that the questions customers should ask
have more to do about the security policy that major sites should have. than
the quality of the random number generator. Every major site advertises
that it uses hardware RNG, that client-server communications are encrypted,
that your data is protected but not a single one mentions anything about
the security policies they use (or dont use). Most banks that offer online
services go through regular penetration tests and audits performed by
reputable companies. No online casino has anything to say about this.

In the case demonstrated here, my opinion is that the cheat is probably
an inside man (if UB has 'superuser' functionality enabled for debugging/testing the cheat probably does not need to have advanced
technical skills) but he could also be someone who simply hacked into
the UB servers and infected the process(es) responsible for the games.
The inside man scenario could happen at every online site out there. There
must be technical people working there responsible for programming, updating, maintaining the server and these are the people that should be
under extreme scrutiny and managed by a well defined policy. Even if
'superuser' functionality is not enabled for testing (like allegedly at UB)
it is extremely easy for a competent programmer/engineer to craft it by himself. If he knows what he is doing, he does not even need access to the
source code, everything can happen at runtime while the process is running.
My point being that this is an extremely common situation today and
poker sites are not excluded. The fact that it happened at UB does not mean
that the rest of the sites are 'secure'. All of them seem to focus on the
things that are considered standard practice by everyone (client-server encryption/hardware rng) and ignore the things that truly matter (penetration tests/security audits by independent reputable companies).

Some posters talked about how the cheat sticked out so much from the norm
by his aggression factor on the river and how he could play it more stealthy
by winning less over a longer period. Well, my opinion on this is that if
i was the 'hacker' in this case i would try to make as much as possible as
fast as possible with detection being a secondary consideration. Detection
is a problem anyway because of software updates (that could render a
backdoor on the server useless), software audits (if they happen, the backdoor could be noticed), HH analysis (if it happens, patterns become
obvious like in this case) or plain-old circumstances beyond your control
where they can render your access to holecards void. It would take
a tremendous amount of familiarity with the system and/or high level
management to plan something like this and execute it over a period spanning many years. It is just easier to hit it for some months and then
disappear (Of course, the perpetrator thought that this would go unnoticed,
and it certainly would if HH analysis was left to UB as there doesnt seem
to be any from their part).

As for the client-side trojans some people mentioned, they are certainly
an attack factor but as others said they do not apply to this scenario.
A very well exploited path these days is client-side vulnerabilities in browsers. Downloading and running infected programs is obsolete.
The trojans these days come embedded in web pages, usually taking
advantage of insecure javascript implementations to hijack computers
so be wary when browsing (ideally disable javascript for the majority of
sites and do not use IE/Firefox).

This is the email I sent to phil last night:

Any updates as of lately? Getting alot of private messages on
twoplustwo and alot of questions at the tables. People want to know
what is going on in the investigation and they're coming to me for
answers since UB has been reluctant to respond to any emails. Why
hasn't UB released the name of the supposed 3rd party investigator? UB
issued some vague statements in one of their emails from a concerned
customer. In it, they basically only said they were investigating the
nionio account. If they knew/cared at all about what was going on,
they'd realize that this goes far deeper than simply 1 account. And by
the way, if you have any say in this Id suggest telling the guys
running the marketing dept to STOP LYING TO THEIR CUSTOMERS. They're
telling the players absolutely anything. Ive heard reports of them
saying "no commment", to "there is a current investigation" to "the
investigation is over and they have issued full refunds". Theyre
clearly just telling everyone anything. Anyways, just tell me if its
worth it to give you a call or not. If you do get any specific new
info please call me. Thanks


This is the response he gave

I'm in London playing and commentating for the "European open" and the
"Premiere League." My cell doesn't work here, but I'll be back on the
17th. No need for me to call you as I have heard no new updates.

I appreciate your patience. I know that they are looking at 6
accounts, but that it takes a long time time to go through all of the
individual hands. The only update that i did hear was that most of
the hands occurred heads up or three handed...

I will send out an email today to get a status report, but I suspect
that they are simply doing a thourough investigation. Don't lose your
patience yet, give us another week, then send me an email where your
mad at the slow pace!!

Thanks for the update Trambopoline. I recovered some of my HHs from playing him and needless to say I lost every showdown in a pot over 200BB.

Keep this thread about UB and NioNio please.

@ Great work Trambopoline

@ Iterate
Thanks for sharing your knowledge.
So if I want to test if my PC is infected with Trojan Horses what do I do (I have some free antiwir running but it would not detect horses I think)?

come on guys dont let them just sweep this under the carpet.

How about some cliffnotes in the OP?

there is an investigation going... this isnt going under the carpet.

most of the players in question had very unorthodox styles. for example twenty would call all 3 bets preflop and lead out for pot when u missed. other times he would check fold. NO ONE LEADS out for pot on a consistant basis in that position. i dont care if ur a fish or a pro. its not profitable and the fact that he won at rate higher then 25bb/100 is proof enough.

mad00house

U can't be sure, the only safe way is to format and reinstall everything from a safe source (which doesn't exist).

Well one good thing about the new UB loyalty program is they gave me a "VIP" phone number. I called to inquire about the investigation and of course the person had no idea what i was talking about but went to her supervisor and assured me the investigation is still ongoing they are not trying to sweep it under the rug etc etc. Standard response but i figure the more we can bug them the better. 888-458-8566

I called that number and I thought it was a phonesex line LOL. I don't know if the mods will allow that phone number to stay in this thread or not. Anyway, I really hope we get an update soon as to what is going on here. This investigation has been going on way too long.

Does anybody have any updates on this? I sent ultimate bet an email and i got a very generic response saying they are looking into it. Sounds like they dont really care.

Did the people who got robbed get paid off by ub to stop making posts here and updating us all? How does this not get picked up by more mainstream media is beyond me. Even the 700 thousand to 7 million(according to some reports) picked up by aj (potripper) green and friends got no press. This should be front page stuff on poker magazines at the very least. Ultimate bet owes all its customers a real explanation instead of the way they like to dance around the issue. They had to know right away. Dont they keep some track of the money on that site. 800000$ in three months should raise some eyebrows you would think.

i agree w/ you completely.

If someone wants to draft a formal letter (if no one else does it within the next few days, i'll assume you guys have elected me- i'll write one and then we can all email it to ub/ cardrunners/ the poker radio show / anyone else you guys have in mind?)

stealthcow-

never get these "testing purposes"... what would they try to test with being able to see hole cards? o0

Im sure they do that when they first start their site to make sure the pots are going to the right people with no glitches

It would be pretty helpful to have this when developing a poker client.

Hey Nat, thanks again from an online player for your help and contributions on the AP investigation, I followed that very closely.

Just wondering your thoughts/opinions on all this?? Just interested on what you think so far. I was very impressed by your contributions on the AP thread, and you've been pretty quiet here, Im sure for a reason.

still no word from UB i take it? I really hope they acknowledge there was cheating going on and reimburse players affected by it.

Ok I was told by one of my 'informants' (hes like a security guy working for UB who has been helping me out throughout the investigation) that UB has finally met w/ the KGC about this and 'the ball is rolling on the investigation.'

imo hellmuth will make the move to ftp and get a deal where he has heads up chinese tables where he can see ivey's hole cards...

still not sure he'd win tho

i was just contacted by a ub rep asking me to return to UB and saying something about their new rewards program or whatever. I immediately asked her about the super user investigation and she said the investigation has been resolved and that the players who were affected will be getting their money back. She then asked if I was affected and I said yes. She said she will pass my screen name along to her supervisor who "has more information."
I asked for more details but she said her supervisor will contact me.

Sounds like UB knows a hell of a lot more than they are letting on if even their rando employees have knowledge of the investigation now. If UB only had someone we could contact,
dlpnyc21

Received this email. It's pretty clear from this email that they have no idea that other accounts were suspected super users. This is really bad. Can someone reply to this message with a list of all the suspected superusers so I can email them back to this ub contact?

Fwiw, I received this email back after I called the "VIP" support hotline and asked for information. I would recommend calling them and asking for an explanation, and also alerting them to the broader scope of the superusers (meaning it wasn't just Nionio).

Dear Mr. Paredes,

Thank you for contacting us. Enclosed please find the information you requested over the phone.

On Saturday, January 12, 2008, UltimateBet was notified by customers that a player with the online handle 'NioNio', demonstrated an unusually high winning percentage. Upon receiving this notification, UltimateBet immediately launched an internal investigation.

We have also engaged the services of an expert third-party to help us determine whether or not this allegation of suspicious play is accurate and we are in open discussions with our regulatory body, the Kahnawake Gaming
Commission (KGC), regarding this investigation.

We want to make it clear that UltimateBet takes all allegations of unfair play very seriously, and we want to extend our strongest possible assurances that we will do our utmost to protect our players and our company from every and any form of cheating. We also recognize the importance of communicating timely and accurate information regarding this incident to our customers as we learn the facts.

Do not hesitate to contact us if you require further assistance or additional information.

Best regards,

Sebastian
UltimateBet ~ Customer Support
'The Ultimate Poker Experience'
Support@UltimateBet.Com

It’s official. We’re heading back to Aruba for the 2008 Aruba Poker Classic - September 27 to October 4, 2008 – and bringing a million bucks with us for the main event champion. Qualifiers for this multi-million dollar island event begin January 2008. Watch your inbox for details on how you can win your way to both Aruba and the 2008 World Series of Poker for next to nothing.

Ensure the security of your account! Never give out your password and change it frequently!

I got the same email, I basically think its a joke. I will never put another dime in ub again

I know 2p2ers will never just let this issue be swept under the carpet but its a little worrying that there has not been any update on something so serious to our poker world.

I want to thank you guys for all the work you have put in to this. I have never played at these levels but it takes guys like you to help stop this feeding its way to all levels.

It seems as though UB are not going to admit openly what has happened. Can one of you guys involved in this update the rest of us on where this issue stands at the moment ?

Thanks