Many Pokerstars accounts hacked recently, Stars accepts no liability

03-20-2015 , 09:50 AM
I think I've seen other work from that graph maker


03-20-2015 , 10:26 AM
Quote:
Originally Posted by hitman4hire
3) Trojan/Virus: as none have been found in any of the cases to date this is less of a possibility, and the hacker did not maintain access to hack other customer accounts like E-mail accounts that would suggest a rootkit infection on the customer's device.
It is extremely likely it happened this way.
The fact people don't find any trojan/virus is not relevant.
Password data can be sent with ANY third party software.
03-20-2015 , 11:15 AM
Unlike almost all "hacked" threads there is basically zero evidence of compromise at the players' end in this episode. And the attacker knew the passwords (despite not having access to other accounts such as email accounts).
03-20-2015 , 11:28 AM
I haven't logged on to my PS account since pre-black Friday.

I think I may have even left a small amount <$200 in there. I didn't feel the need to get it or close my account or whatever.

I seriously have no idea what my login info is. I had a specific email address for poker stuff, that I have stopped using around 4 years ago, and I may not even have access to that anymore.

So now from what I read it is possible that someone has been in my dormant account and has deposited fraudulently and withdrew etc... and PS thinks I am on the hook for this stuff?

Good luck with that. Also, I am US based, so does this mean I am not subject to this sort of hack? PS will not accept deposits etc...?
03-20-2015 , 12:00 PM
Quote:
Originally Posted by LektorAJ
Further idea. The PS rep mentioned they have no way to judge if passwords are weak or strong as they are stored in encrypted form. As I understand it, if two users have the same password the encrypted form would also be the same. PS should search its database for such people and send them a message asking them to change their password as this is almost always going to be people with simple dictionary entry / proper noun style passwords or otherwise very short ones.
Wrong, you should read a bit about this topic.
03-20-2015 , 12:21 PM
Quote:
Originally Posted by ThatsIT
It is extremely likely it happened this way.
The fact people don't find any trojan/virus is not relevant.
Password data can be sent with ANY third party software.
Also, the lack of other types of breached accts isn't a hugely strong piece of evidence. If the hackers are purely doing this to steal funds then they would be savvy to only compromise accts that would lead to easy funds, such as poker accounts.
03-20-2015 , 12:40 PM
Quote:
Originally Posted by bjsmith22
Also, the lack of other types of breached accts isn't a hugely strong piece of evidence. If the hackers are purely doing this to steal funds then they would be savvy to only compromise accts that would lead to easy funds, such as poker accounts.
If you have a trojan/virus you can access everything like bank accounts or steal information for identity theft or other frauds. The hacker is in control of your machine and everything you do on it. Why hack a Pokerstars account with $200 when you can take over the victim's bank account? Why wait 6 months to do this? What about other poker sites, why only Pokerstars? What you suggest makes no sense with a trojan installed.

If a keylogger/Trojan, why did the hacker try and hack the victim's E-mail account? If a keylogger or trojan were installed, one would expect 100% of other user accounts to have been compromised, like E-mail/I-Tunes/other poker accounts, etc. This hacker entered the password on the first attempt with 100% accuracy ONLY on a dormant Pokerstars account.
03-20-2015 , 12:42 PM
Quote:
Originally Posted by bjsmith22
Also, the lack of other types of breached accts isn't a hugely strong piece of evidence. If the hackers are purely doing this to steal funds then they would be savvy to only compromise accts that would lead to easy funds, such as poker accounts.
Nonsense. Compromised email accounts are the prime attack vector for most poker site and other hacks, from what we see reported here and elsewhere.

OP has posted what appears to be clear evidence of the hacker trying to access his email account exactly once (which strongly suggests access to Stars -> learn email address from within the account -> check that the same password doesn't work for the email too because that might lead to other sites and/or other funds -> fail -> stop trying because the only attack vector here is KNOWING the Stars password).

It's perhaps the most damning piece of evidence that this is a Stars compromise - not a compromise of something else first, and not a man in the middle attack.
03-20-2015 , 12:46 PM
Quote:
Originally Posted by thunderbolts
Unfortunately it does not go without saying. Various businesses have been compromised over the years because they did not adequately encrypt password stores. Salting is certainly an obvious thing to do; given Michael made a point of confirming that the database was hashed I would have thought he would also have confirmed it was salted if it was. I'd already made the point before he posted, I think.

Even if at the time he didn't want to confuse people, it would be trivial for him now to post to confirm that the database is salted and always has been hashed and salted - if indeed that is true. I still think it unlikely, which is why it would help a lot if everyone affected could confirm the age of their accounts and when they last changed the password before the hack.
Fair enough, but I just can't really see how a company like Stars would decide that would be unnecessary. They have every reason to do so, and it's not incredibly difficult to implement.

I mean you can spend a minute on google and find instructions that would outperform pretty much any unsalted hashed password list. If a security professional managed to overlook that, I wouldn't know what to say.

Quote:
Originally Posted by LektorAJ
The PS rep mentioned they have no way to judge if passwords are weak or strong as they are stored in encrypted form. As I understand it, if two users have the same password the encrypted form would also be the same. PS should search its database for such people and send them a message asking them to change their password as this is almost always going to be people with simple dictionary entry / proper noun style passwords or otherwise very short ones.
That would only work if Stars was not properly salting their hashed passwords.

When correct measures are implemented, multiple users with the same password would end up with unique hash values. Most likely that is what Michael meant, when he said “we can’t review the strength of passwords of the players who were hacked”.
03-20-2015 , 12:54 PM
Quote:
Originally Posted by xyzzz
Fair enough, but I just can't really see how a company like Stars would decide that would be unnecessary. They have every reason to do so, and it's not incredibly difficult to implement.

I mean you can spend a minute on google and find instructions that would outperform pretty much any unsalted hashed password list. If a security professional managed to overlook that, I wouldn't know what to say.
I agree.

But remember this could be an older database - so far it certainly seems possible that the compromised accounts are aged (indeed some are dormant) which is why I've been suggesting that those affected post information on the age of their accounts and the date of the last pre-hack password change (if any). Remember that salting hasn't always been best practice, and db compromises tend to be old ones that have been forgotten about or are on some backup or test server somewhere.
03-20-2015 , 01:19 PM
Quote:
Originally Posted by LektorAJ
Further idea. The PS rep mentioned they have no way to judge if passwords are weak or strong as they are stored in encrypted form. As I understand it, if two users have the same password the encrypted form would also be the same. PS should search its database for such people and send them a message asking them to change their password as this is almost always going to be people with simple dictionary entry / proper noun style passwords or otherwise very short ones.
There is a feature of encryption called "salting" (which has been mentioned earlier ITT) which virtually solves this problem. A "salt" is a random value that gets added to the password before the encryption occurs. As long as the salt is different for the two users with the same password, the encrypted result is different. Salts are used to protect against dictionary attacks, where the attacker takes a common word or phrase, encrypts it using the same algorithm, and compares the results. With a salt, the attacker would need to use both the correct password and the correct salt.

There has to be a way to recreate the salt so that it can be re-used each time the user's password needs to be encrypted, such as when logging in. There are a few different ways salts can be handled, but the specifics for that don't really matter here. There is still no need to worry even if the salts are stolen or compromised, as it would only help attackers using a dictionary attack (in which case you can protect yourself by not using "password" as your password).

As for warning people that are using a weak password, the best place to do this would be when they are creating the password for the first time (account creation or changing the password), similar to how most other websites do it.

Last edited by krazykarter; 03-20-2015 at 01:22 PM. Reason: A few people touched on this idea since the quoted post. I did not read that closely before posting.
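The salting behaviour argued over in the posts above, as an added example that is not part of any post and not PokerStars' code: without a salt, accounts sharing a password share a stored hash and one wordlist pass audits every account; with a per-user salt the duplicates disappear and each account has to be checked separately. The account names, the wordlist, the function names and the choice of PBKDF2-HMAC-SHA256 are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample accounts; names and passwords are made up for the demo.
USERS = {
    "alice": "monkey123",
    "bob": "monkey123",              # same password as alice
    "carol": "c0rrect-horse-battery",
}
# Constructed list of passwords a site would want to flag as weak.
WEAK_WORDLIST = ["password", "monkey123", "letmein"]

# Assumption: PBKDF2-HMAC-SHA256 as the slow hash. The iteration count is
# kept low so the demo runs quickly; production settings are higher.
ITERATIONS = 100_000


def unsalted_record(password):
    """Legacy scheme: one fast hash, no salt. Equal passwords, equal records."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_record(password):
    """Random per-user salt, stored beside the digest so login can re-derive it."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify(password, salt, digest):
    """Login check: re-derive with the stored salt, compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def shared_hash_groups(digests):
    """Return groups of users whose stored digest is identical."""
    groups = defaultdict(list)
    for user, digest in digests.items():
        groups[digest].append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


def audit_unsalted(table, wordlist):
    """Hash each word once and match it against every account at the same time."""
    lookup = {unsalted_record(word) for word in wordlist}
    flagged = sorted(user for user, stored in table.items() if stored in lookup)
    return flagged, len(wordlist)          # (weak accounts, hash computations)


def audit_salted(table, wordlist):
    """Each word must be re-hashed per account, using that account's salt."""
    flagged, work = [], 0
    for user, (salt, digest) in table.items():
        for word in wordlist:
            work += 1
            if verify(word, salt, digest):
                flagged.append(user)
                break
    return sorted(flagged), work


def build_tables(users):
    """Store the same accounts under both schemes for comparison."""
    unsalted = {u: unsalted_record(p) for u, p in users.items()}
    salted = {u: salted_record(p) for u, p in users.items()}
    return unsalted, salted


if __name__ == "__main__":
    unsalted, salted = build_tables(USERS)
    salted_digests = {u: d for u, (_, d) in salted.items()}
    print("unsalted duplicates:", shared_hash_groups(unsalted))
    print("salted duplicates:  ", shared_hash_groups(salted_digests))
    print("unsalted audit:", audit_unsalted(unsalted, WEAK_WORDLIST))
    print("salted audit:  ", audit_salted(salted, WEAK_WORDLIST))
```

A site that salts can still reject weak passwords, but only at the moment the plaintext is submitted (account creation, password change or login), which is where the last paragraph of the post above places the check.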
03-20-2015 , 01:32 PM
Quote:
Originally Posted by gwp
Needs more love
03-20-2015 , 01:58 PM
Quote:
Originally Posted by hitman4hire
If you have a trojan/virus you can access everything like bank accounts or steal information for identity theft or other frauds. The hacker is in control of your machine and everything you do on it. Why hack a Pokerstars account with $200 when you can take over the victim's bank account? Why wait 6 months to do this? What about other poker sites, why only Pokerstars? What you suggest makes no sense with a trojan installed.

If a keylogger/Trojan, why did the hacker try and hack the victim's E-mail account? If a keylogger or trojan were installed, one would expect 100% of other user accounts to have been compromised, like E-mail/I-Tunes/other poker accounts, etc. This hacker entered the password on the first attempt with 100% accuracy ONLY on a dormant Pokerstars account.
Quote:
Originally Posted by thunderbolts
Nonsense. Compromised email accounts are the prime attack vector for most poker site and other hacks, from what we see reported here and elsewhere.

OP has posted what appears to be clear evidence of the hacker trying to access his email account exactly once (which strongly suggests access to Stars -> learn email address from within the account -> check that the same password doesn't work for the email too because that might lead to other sites and/or other funds -> fail -> stop trying because the only attack vector here is KNOWING the Stars password).

It's perhaps the most damning piece of evidence that this is a Stars compromise - not a compromise of something else first, and not a man in the middle attack.
My point is that going after a stars account is a lot easier and less risky than attempting to steal out of, for example, someone's bank account. If someone were to hypothetically have malicious software on your machine that gave them access to all of your account passwords, a poker site is likely to be BY FAR the least secure account that holds money, and therefore the most likely target.

Not accessing other accounts which are likely to have no money available (emails, social networking sites, etc.), or very high-level security (banking, ewallets) is just simple risk management, and should be expected from someone capable of pulling off an attack like this and thus doing so says absolutely nothing about where any stolen information was stolen from.
03-20-2015 , 02:04 PM
If you hack a bank account and steal funds the police will certainly be involved. If you hack Pokerstars and steal funds they won't even pass on the details to the victim.

Have Pokerstars raised these crimes with the relevant police authorities?
03-20-2015 , 02:06 PM
Quote:
Originally Posted by richdog
If you hack a bank account and steal funds the police will certainly be involved. If you hack Pokerstars and steal funds they won't even pass on the details to the victim.

Have Pokerstars raised these crimes with the relevant police authorities?
Yes, exactly my point. How this is not extremely clear to everyone arguing that "if he had all the passwords he'd just rob a bank account" is beyond me.
03-20-2015 , 02:07 PM
Is FTPMurphy an actual employee of the Rational Group? I got a PM from him and he said he wanted more information about my case, but I have no idea if he's legit or not.

Quote:
Hi synth_floyd,

I am contacting you regarding your recent post on 2+2 regarding unauthorized access to your account.

I am a Security Manager for Rational Group (owners of Pokerstars and Full Tilt) and am part of the team investigating the details of the recent compromises of player accounts and trying to find the cause.

We are in the process of contacting players to try to attain as much information as possible in order to get a full picture of each case and find any commonalities.

I have been unable to link your 2+2 username to a Pokerstars account, could you please reply back with:

Either: 1/ your Pokerstars username, or;
2/ the email address registered to your Pokerstars account

Also, if you are willing to take a call to assist our investigation can you please let me know if we have the correct contact number for you on your account and whether it is different.

Thank you in advance for your assistance.

All the best,
FTPMurphy.
03-20-2015 , 02:09 PM
I definitely wouldn't trust anything that didn't come straight to my registered email directly from them, or directly through the client
03-20-2015 , 02:22 PM
Quote:
Originally Posted by bjsmith22
My point is that going after a stars account is a lot easier and less risky than attempting to steal out of, for example, someone's bank account. If someone were to hypothetically have malicious software on your machine that gave them access to all of your account passwords, a poker site is likely to be BY FAR the least secure account that holds money, and therefore the most likely target.

Not accessing other accounts which are likely to have no money available (emails, social networking sites, etc.), or very high-level security (banking, ewallets) is just simple risk management, and should be expected from someone capable of pulling off an attack like this and thus doing so says absolutely nothing about where any stolen information was stolen from.

Please stop posting; your infantile logic is best used in a playground with other childlike minds.


What makes any account when you know the password and can access this any secure or less of a risk than others?

Why are only Pokerstars accounts compromised and not players other online poker accounts if this is less of a risk to hack poker accounts?

What do all the victims have in common POKERSTARS!

What happens to the share price when this is admitted as a breach?

Do you understand what the criteria is and the knowledge and tools to "pull off an attack like this"?

It does not only have to be a Bank; one would expect other online accounts to be compromised if this is a keylogger/rootkit/trojan.
Dumb Donkey
03-20-2015 , 02:33 PM
Quote:
Originally Posted by bjsmith22
My point is that going after a stars account is a lot easier and less risky than attempting to steal out of, for example, someone's bank account. If someone were to hypothetically have malicious software on your machine that gave them access to all of your account passwords, a poker site is likely to be BY FAR the least secure account that holds money, and therefore the most likely target.

Not accessing other accounts which are likely to have no money available (emails, social networking sites, etc.), or very high-level security (banking, ewallets) is just simple risk management, and should be expected from someone capable of pulling off an attack like this and thus doing so says absolutely nothing about where any stolen information was stolen from.
Quote:
Originally Posted by bjsmith22
Yes, exactly my point. How this is not extremely clear to everyone arguing that "if he had all the passwords he'd just rob a bank account" is beyond me.
With all due respect you're totally missing the point.

No-one is suggesting that the attacker would rob a bank account.

What the hypothetical attacker would do, though, is use his exploit (assuming this is the virus/keylogger/rootkit/MITM type exploit that some of you want to believe it is) to gain access to people's email. With that access they would in many cases be able to gain easy access (via password reset) to other targets of equal attractiveness to Stars, such as other poker sites.

OP's experience clearly shows that the attacker had no access to the email, but tried once (and only once) to access it - almost certainly because he learned the email address from within the Stars account and then tried the email account in case the passwords were identical. As they weren't, and as he had no other way of discovering the password (according to my theory, because the attack starts with a compromised database of Stars passwords) he gave up.

Last edited by thunderbolts; 03-20-2015 at 02:46 PM. Reason: typo
03-20-2015 , 02:37 PM
Quote:
Originally Posted by hitman4hire

Please stop posting; your infantile logic is best used in a playground with other childlike minds.


What makes any account when you know the password and can access this any secure or less of a risk than others?

Why are only Pokerstars accounts compromised and not players other online poker accounts if this is less of a risk to hack poker accounts?

What do all the victims have in common POKERSTARS!

What happens to the share price when this is admitted as a breach?

Do you understand what the criteria is and the knowledge and tools to "pull off an attack like this"?

It does not only have to be a Bank; one would expect other online accounts to be compromised if this is a keylogger/rootkit/trojan.
Dumb Donkey
The answer to the bold part is what you need to be figuring out instead of posting nonsense, butt-hurt rants.


I should be clear, I'm not defending stars in any way here. I think they're handling this terribly and I agree that a lot of blame here lies with them.

The fact that they are handling the situation poorly at this point does not, however, give any credence to the paranoid idea that stars is doing a bad job of securing your info.

However, alarmist morons like you spreading unsubstantiated speculation about how awful poker site operators are is most certainly one of the main causes of the decline of internet poker, and imo you shouldn't be allowed to post.

Last edited by bjsmith22; 03-20-2015 at 02:43 PM.
03-20-2015 , 02:46 PM
Quote:
Originally Posted by thunderbolts
With all due respect you're totally missing the point.

No-one is suggesting that the attacker would rob a bank account.

What the hypothetical attacker would do, though, is use his exploit (assuming this is the virus/keylogger/rootkit/MITM type exploit that some of you want to believe it is) to gain access to people's email. With that access they would in many cases be able to gain easy access (via password reset) to other targets of equal attractiveness to Stars, such as other poker sites.

OP's experience clearly shows that the attacker had no access to the email, but tried once (and only once) to access it - almost certainly because he learned the email address from within the Stars account and then tried the email account in case the passwords were identical. As they weren't, and as he had no other way of discovering the password (according to my theory, because the attack starts with a compromised database of Stars passwords) he gave up.
While what you're saying here is mostly true, it doesn't detract from the idea that it is orders of magnitude more likely for:

Someone to compromise a personal machine for all info, then decide that out of all accounts accessible, pokerstars would be the least risky and most profitable to steal from

than

Someone to compromise stars' likely extremely secure database and then use that info to basically only steal from stars

You guys should look up the idea of "Occam's Razor", I think it would help you guys figure out which of your theories make sense and which don't.
03-20-2015 , 02:51 PM
Quote:
Originally Posted by bjsmith22
The answer to the bold part is what you need to be figuring out instead of posting nonsense, butt-hurt rants.


I should be clear, I'm not defending stars in any way here. I think they're handling this terribly and I agree that a lot of blame here lies with them.

The fact that they are handling the situation poorly at this point does not, however, give any credence to the paranoid idea that stars is doing a bad job of securing your info.

However, alarmist morons like you spreading unsubstantiated speculation about how awful poker site operators are is most certainly one of the main causes of the decline of internet poker, and imo you shouldn't be allowed to post.

Listen you ****ing moron, I have very little patience for obvious trolls or ******s, more so when I have partaken in my favourite alcoholic beverage on a Friday night.

No one is paranoid about info Stars securing info ok David Ike! It's about getting to the root of the problem and instead of blame take responsibility and accountability.

Pokerstars are now doing this even if it is too late for some loyal customers, maybe that's to do with online poker's decline. Now back the **** up ******, I'm out of here.
03-20-2015 , 02:52 PM
Quote:
Originally Posted by bjsmith22
While what you're saying here is mostly true, it doesn't detract from the idea that it is orders of magnitude more likely for:

Someone to compromise a personal machine for all info, then decide that out of all accounts accessible, pokerstars would be the least risky and most profitable to steal from

than

Someone to compromise stars' likely extremely secure database and then use that info to basically only steal from stars

You guys should look up the idea of "Occam's Razor", I think it would help stop you guys from making all this stuff up in your head.
I'm sorry, but each post you make is more wrong.

Occam's Razor suggests that the first thing to be compromised would be the email account. That is the prime target, because controlling that gives access to most if not all other accounts (because most people still haven't learned to use unique email accounts for their poker sites*).

Following your logic, all other poker sites would be equally ripe targets as Stars. In fact Stars as one of the more sophisticated operators is likely to be a riskier and/or more difficult target.

Occam's Razor also suggests that where there is ONLY evidence of the Stars password being compromised (and no other account belonging to any of the victims of these attacks) the vulnerability most likely lies with Stars and not the players' machines.

Your posts are simply derailing the thread at this point. Perhaps wait for something you understand a little better?

*In fact I think OP said he used his email account only for Stars, FTP and HEM, but the point is that the attacker wouldn't know that unless they had access.
03-20-2015 , 03:03 PM
Quote:
Originally Posted by thunderbolts
I'm sorry, but each post you make is more wrong.

Occam's Razor suggests that the first thing to be compromised would be the email account. That is the prime target, because controlling that gives access to most if not all other accounts (because most people still haven't learned to use unique email accounts for their poker sites*).

Following your logic, all other poker sites would be equally ripe targets as Stars. In fact Stars as one of the more sophisticated operators is likely to be a riskier and/or more difficult target.
Stars is much, much, MUCH more popular than every other site, and they therefore will have a disproportionately large amount of publicized attacks happen to them. The amount of actual attacks on smaller sites may be entirely proportional to what we are seeing here. You are just making assumptions in order to support your argument.

Quote:
Originally Posted by thunderbolts

Occam's Razor also suggests that where there is ONLY evidence of the Stars password being compromised (and no other account belonging to any of the victims of these attacks) the vulnerability most likely lies with Stars and not the players' machines.
This just does not follow logically. Because a certain account is the only one being accessed does not inherently suggest that the breach came from that account.
As I've already stated, there are many other reasons why stars might be the accounts being targeted, such as the fact that they have lots of money in them but are less secure than other popular accounts that also have money in them, such as bank accounts.

Quote:
Originally Posted by thunderbolts

*In fact I think OP said he used his email account only for Stars, FTP and HEM, but the point is that the attacker wouldn't know that unless they had access.
Or unless, you know, he tried this thing called trial and error. For a total of like 10 tries.


I'm not trying to absolve PS of any blame here as you guys seem to think, I'm just showing you guys how poor your arguments are so that you're not disappointed when your nonsense theories inevitably fall apart, and so the parties of importance in this situation are better able to sift through the nonsense and get to the actual facts of the case.

Last edited by bjsmith22; 03-20-2015 at 03:09 PM.
03-20-2015 , 03:23 PM
Quote:
Originally Posted by bjsmith22
Stars is much, much, MUCH more popular than every other site, and they therefore will have a disproportionately large amount of publicized attacks happen to them. The amount of actual attacks on smaller sites may be entirely proportional to what we are seeing here. You are just making assumptions in order to support your argument.



This just does not follow logically. Because a certain account is the only one being accessed does not inherently suggest that the breach came from that account.
As I've already stated, there are many other reasons why stars might be the accounts being targeted, such as the fact that they have lots of money in them but are less secure than other popular accounts that also have money in them, such as bank accounts.



Or unless, you know, he tried this thing called trial and error. For a total of like 10 tries.


I'm not trying to absolve PS of any blame here as you guys seem to think, I'm just showing you guys how poor your arguments are so that you're not disappointed when your nonsense theories inevitably fall apart, and so the parties of importance in this situation are better able to sift through the nonsense and get to the actual facts of the case.
You're contributing nothing of value. You seem like you are trying to derail. Stop posting. Your emotions here add nothing of value.