Open Side Menu Go to the Top
Register
URGENT Hotel rooms in arts ept barcelona broken into to plant trojans on laptops URGENT Hotel rooms in arts ept barcelona broken into to plant trojans on laptops

09-06-2013 , 03:58 AM
Quote:
Originally Posted by jungleman
look at video surveillance of reception to find out who did this? they must have got your keys somehow... most likely from reception
the old room keys not working makes this seem more likely to me. anyone know if someone broke in without a key if it'd wipe the old code (on ur key)? anyway if its a key from the front desk 1) hotel security, 2) ask the people working at the time (very possible one of them's in on it but still worth asking n could always get a life-read if they are n u call em on it) 3)maybe they can lookup the time new keys were made or some other jazz on hotel systems even if no video etc
09-06-2013 , 03:58 AM
Don't worry guys, it's just the NSA.
09-06-2013 , 04:02 AM
Quote:
Originally Posted by durrrr
the old room keys not working makes this seem more likely to me. anyone know if someone broke in without a key if it'd wipe the old code (on ur key)? anyway if its a key from the front desk 1) hotel security, 2) ask the people working at the time (very possible one of them's in on it but still worth asking n could always get a life-read if they are n u call em on it) 3)maybe they can lookup the time new keys were made or some other jazz on hotel systems even if no video etc
Good catch, Tom.

I missed this in the original post.

So the old keys failing to still work means that this was either an inside job or someone at the hotel being tricked into allowing unauthorized people to get new keys made.

Guess it's time to drop the "hacked keys" theory, even though it opened my eyes to something I didn't know existed.
09-06-2013 , 04:03 AM
Quote:
Originally Posted by Dixie60
The real spooky part about all of this. Is that there is likely a skilled team of criminals who are getting fed personal information about certain players. Like their room no's and whereabouts along with other sensitive information.

Somebody HAS to be on the inside here. And its really sad because you're going to have a lot of people all doubting each other now.

And there is more than a decent chance that the firm trying to pull this off will have plenty of form for hacking poker players in the past.

Every HS player in Barca should buy themselves a cheap temporary new laptop. I'd be to scared to even turn my old one on.

Such a horrible spot. GL
inside could mean a poker player, poker employee, or hotel employee. just throwing that out there
09-06-2013 , 04:04 AM
Quote:
Originally Posted by SmokeyJ
You really need to stop giving advice on things you don't know about, I see it from you all the time. For one ALL antivirus programs are constantly playing catch-up with the newest viruses, and also a good 'hacker' should be able to create something that isn't detected by the scanners.

Second, a security professional can 100% catch onto things that an AV scan won't.
This. Similar thing has happened to me in the past, and even if you get a professional to look over the laptop/run scans etc, there will always be that seed of doubt in your mind. We know mental ability is a huge part of online poker, and if these thoughts begin to enter your head whilst playing it may have a negative impact on results.

Personally I went for the safest option and bought a new laptop. Also beware as a poster earlier in this thread said, do not bring these laptops home and attach them to your home network before getting a professional to take a look.

Horrible situation to be in, and I would think there would be some sort of insider involved, as durrrr said above it could be a number of people. Anyone else with laptops that we're left in the hotel should also take the advice as it is very likely much more were victims
09-06-2013 , 04:08 AM
I'm staying at Pullman and had many problem with my room keys. I could change them at the reception without ever have to showing my ID or even tell them my name.

My laptop is password secured but is it possible to install a trojan/keylogger on it without logging in to the computer?

Regards,
Kenny
09-06-2013 , 04:08 AM
There are cameras on all the corridors and in all the elavators, shouldn't be hard to find out who went into those rooms
09-06-2013 , 04:08 AM
Quote:
Originally Posted by SpaceyFCB
My laptop is password secured but is it possible to install a trojan/keylogger on it without logging in to the computer?

Regards,
Kenny
yes it is
09-06-2013 , 04:10 AM
Wait, now I just reread the OP and it makes even less sense.

So the guy notices his key doesn't work, goes down to get new ones, comes back up, and his laptop is gone.

Then he goes down again (to complain about the laptop), comes back, and suddenly the laptop reappears.

This means that it's not likely another guest tricking the front desk to get keys to the room, as their "new" keys would no longer work (to put the laptop back) once the guest noticed his keys didn't work and got new ones again remade.

It's also not a hacker, or the original keys would still work.

So this has to be:

1) Inside job
-or-
2) OP isn't telling the story properly

Nothing else makes sense.
09-06-2013 , 04:17 AM
someone working at the hotel helped somehow - no need to be the smartest gringo out there to figure that out.
09-06-2013 , 04:27 AM
Quote:
Originally Posted by SmokeyJ
You really need to stop giving advice on things you don't know about, I see it from you all the time. For one ALL antivirus programs are constantly playing catch-up with the newest viruses, and also a good 'hacker' should be able to create something that isn't detected by the scanners.

Second, a security professional can 100% catch onto things that an AV scan won't.
wtf... Players are far from home, have access to just about nothing, and some are worried.
I offered a quick easy, free way to catch 99.999% of the crap floating around out there and people feel the need to counter it with these wild theories about undetectable viruses and super-hackers.
09-06-2013 , 04:48 AM
Quote:
Originally Posted by joeschmoe
wtf... Players are far from home, have access to just about nothing, and some are worried.
I offered a quick easy, free way to catch 99.999% of the crap floating around out there and people feel the need to counter it with these wild theories about undetectable viruses and super-hackers.
You're an idiot Joe.

You post a million times about stuff you know a limited amount about. Why?

Didn't you not post in nvg for a few months? Can't you do that again (and make the break a lot longer)?
09-06-2013 , 04:56 AM
this is nvg fwiw
09-06-2013 , 04:59 AM
Quote:
Originally Posted by Kilowatt
I mean, sure, this is possible, but Occam's Razor says this is not likely.

Even a brilliant criminal mind would figure that the typical poker player would be like "OMG OMG OMG I am reformatting and starting over" upon discovering what happened, so the chance of people copying back over their documents (and then opening the infected ones within a reasonable period of time) isn't that high.

The typical criminal doing this would simply hope that his actions go undiscovered, giving him the access for however long it remains that way. He assumes that once it's caught, the jig will be up. This was meant for some kind of short-term or short-medium-term gain, and not an eternity of victimizing the same person.
hah - talk out of your ass some more please.

a) You have nfi how people are going to react
b) lol at assuming that virus creators aren't going to bother with an infection method just because the chances "aren't that high" that people will fall for it? Yeah, they're totally going to just give up the freeroll to avoid writing a little more code.
c) Occam's Razor does not apply here.
d) Advising people in a way that disregards a very real general threat (document files) just because you think you know better in this case is dangerous and arrogant, and could easily confuse n00bs into thinking document levels are always going to be safe.
09-06-2013 , 05:08 AM
Quote:
Originally Posted by Kilowatt
So this has to be:

1) Inside job
-or-
2) OP isn't telling the story properly

Nothing else makes sense.
2 seems most likely, which of course doesn't exclude 1 as well. People get small (but important) details wrong all the time when telling stories like this.

And then of course there's the possibility which has been raised that the hacker/thief was hiding in the room somewhere unnoticed when OP first returned to the room. Also possible that when OP notices the laptop is gone, he rushes out of the room and doesn't pay attention to whether the door is closed properly or not.

Of course if everyone investigating this is doing their job properly, they already know exactly what happened - whether they've determined who did it is another story.
09-06-2013 , 05:11 AM
Quote:
Originally Posted by Yaksha
hah - talk out of your ass some more please.

a) You have nfi how people are going to react
b) lol at assuming that virus creators aren't going to bother with an infection method just because the chances "aren't that high" that people will fall for it? Yeah, they're totally going to just give up the freeroll to avoid writing a little more code.
c) Occam's Razor does not apply here.
d) Advising people in a way that disregards a very real general threat (document files) just because you think you know better in this case is dangerous and arrogant, and could easily confuse n00bs into thinking document levels are always going to be safe.
a) I do know how people will react because I've seen this played out over and over for the past 10 years. In fact, many victimized players panic to the point where they actually dispose of the laptop or give it away. Almost all of them reformat and are super-careful what they put back on, so this slick "document virus" plan would rarely work.

b) It's not about writing more code. It's a lot more effort to infect existing documents on the computer, and these perpetrators don't have the luxury of time. They want to get the computer, install the spyware, and get the thing back to where it was ASAP. This is like thinking that home invasion burglars might have also planted hidden cameras to spy on you having sex with your wife. Could they? Yes. Would it make sense for them to do this? Absolutely not.

c) Yes, it does.

d) Again, document viruses are used to trick users into infecting their computer. Nobody would use them when they already have physical access to the computer they want to infect. I advised that their documents are safe because they are unlikely to be infected in this particular scenario, and it's a pain in the rear to keep all of your personal data off your travel computer. It would be great for several reasons to travel with a laptop without sensitive data/documents on it, but that's just not practical for most people -- especially poker pros who spend a lot of time away from home. So rather than suggest ridiculous levels of computer austerity, I am advising a solution that wipes out the spyware (reformat) while allowing these people to retain important data files they might need while on the road.
09-06-2013 , 05:16 AM
Quote:
Originally Posted by joeschmoe
wtf... Players are far from home, have access to just about nothing, and some are worried.
I offered a quick easy, free way to catch 99.999% of the crap floating around out there and people feel the need to counter it with these wild theories about undetectable viruses and super-hackers.
No, you specifically advised against wiping or getting a new laptop and instead recommended using a free virus scan. You also specifically stated that a professional won't be able to do much more than a scanner.

These are not wild theories, they are straight up facts known by anyone who knows just about anything to do with computer security. Also it does not require a 'super hacker' to design something that will fly under AV scanners. There is a reason that no security professional out there would ever recommend just running a virus scan and being done with it if you think you've been compromised on a system that handles lots of money.

This is a thread where high stakes players potentially have a lot of money at stake. They do not need some random guy running his mouth like an expert and giving backwards advice.

Last edited by SmokeyQ123; 09-06-2013 at 05:22 AM.
09-06-2013 , 05:16 AM
Quote:
Originally Posted by Yaksha
b) lol at assuming that virus creators aren't going to bother with an infection method just because the chances "aren't that high" that people will fall for it?
Yeah, a scam attempt is always worth it, even at minimal chance of success.

Also, OP, I can help you catch these bastards. I only need a $25k payment up front to my Nigerian bank account to fund the investigations. pm me for details.
09-06-2013 , 05:19 AM
Theory: is it possible that there's some sort of hardware in front of the lock that copies the key if you try to use it, like those skimmers on atm's. You try to access your room but the key won't work (yet is getting copied). You return downstairs and meanwhile they go in your room with the newly made key, steal the laptop. You come back within a couple of minutes with the new key and can just go inside. Notice the laptop is missing and go downstairs again to complain. The thieves now return the laptop and leave unnoticed. You get back and the laptop is back again.

Still don't understand why they need to remove the laptop though as installing something takes not that much time anyway via a usb drive or something.
09-06-2013 , 05:28 AM
Quote:
Originally Posted by SmokeyJ
No, you specifically advised against wiping or getting a new laptop and instead recommended using a free virus scan.

snip
Did I really? I don't remember posting anything of the kind..
09-06-2013 , 06:06 AM
Don't know how much I'm adding here (if this has already been said, sorry I skimmed) but the theory that makes the most sense is this:

It's a hotel employee of some sort or someone with access to one (has to have power to deactivate keys and then also to reenter the room once a new key is activated). They likely were tampering with the computers while inside the room, and they made sure to deactivate the keys so they didn't get caught in the act. If they heard the jingling of the door, i.e. the person actually returned while this was happening, then it was time to scram.

If that theory is right, it means that for those like Jens and Ignat, they returned while the guy was still in the room, and they only know about it because the person was dumb enough not to just leave the laptop and give up on that computer. For others, the key deactivation was implemented to warn the criminal, but the person didn't return, and upon completion of the tampering, they returned the key status to normal. That means every single person is at risk if that's the case, fwiw.
09-06-2013 , 06:08 AM
Taking the laptops makes sense if the computer hacker was at a stationary location (set up in a supply closet or similar) and the computer transporter (maid, handyman, or similar) was checking rooms and shuttling laptops back and forth from the rooms.
09-06-2013 , 06:10 AM
Quote:
Originally Posted by SpaceyFCB
My laptop is password secured but is it possible to install a trojan/keylogger on it without logging in to the computer?
I am also interested in the answer to this question.
09-06-2013 , 06:15 AM
Having physical access to a computer means you can do whatever you like with it.

If you have the tools and the time, you can remove the hard drive, install that in another computer, and then mess with the drive's files, programs or whatever.. Then reinstall it.

You wouldn't need to turn the target computer on, or log in, or anything..

there are special circumstances, like encryption, where this is not so simple, but even that can be overcome with enough computing power and time.

Last edited by joeschmoe; 09-06-2013 at 06:20 AM.
09-06-2013 , 06:22 AM
Quote:
Originally Posted by joeschmoe
search
kaspersky trojan poker

My understanding is the various types of malware share common code elements. Those elemets are what the AV programs are looking for, and it doesn't matter what kind of program is infected, or if the virus/trojan is independent.

One time a Maxtor subcontractor in China was deliberately infecting brand new hard drives... probably on the boot sector. Maxtor was oblivious until Kaspersky told them.
Yes, malware do share common code elements. However, it is entirely possible to design malware that avoids all detections. When the stakes are high enough, this kind of malware will be made.

After all, it is relatively easy to test your malware program against virus protection software.

So, reinstalling the system is much safer than just scanning.

- mongeron

      
m