GGpoker Cheating Scandal
Yes, you may have heard the news that there is a cheating scandal involving GGpoker. The world’s largest poker rooms software has been hacked.
Here is what GGpoker has said via their press release today, 29th December 2023:
GGPoker recently spotted unusual game patterns and abnormal game client packets from a user nicknamed ‘Moneytaker69’. Our technical security team investigated the issue, identified a client-side vulnerability, and fixed what caused these unusual circumstances. We have banned the user and confiscated the unfair winnings, equating to $29,795. Below are the details of how this player exploited the system and gained an unfair advantage:
Under a specific set of circumstances related to the ‘Thumbs Up/Down Table Reaction’ feature, which involves decompilation of our Windows game client, interception of network traffic, and alterations of our game packets, Moneytaker69 was able to customize his own game client. These customizations could only be made to our Windows desktop game client since part of our desktop client leverages the Adobe Air framework, which has attack vectors that other frameworks do not. At no point was the user able to access our servers or server data, including others’ hole cards. Through this customized game client, he was able to deduce all-in equity by exploiting a client-side data leak vector. Our engineers detected this vulnerability and issued an emergency update on December 16th to disable the Thumbs up/down table reactions. However, the user was already in possession of the customized game client, which he blocked from receiving further updates, and was able to continue to accumulate the data leak during the flop and turn. Through this accumulated data, he could guess his win probability with reasonable assurance.
We have since issued security patches to prevent further client-side data leaks of this kind and have added solutions that will detect and prevent players from customizing the game client to their benefit. We will refund $29,795 to the affected players and also reconcile the payout for the impacted tournaments in the next 24 hours.
We sincerely apologize for the incident, which has caused many poker players to worry about the game’s integrity and shaken their trust in GGPoker to provide the best poker experience. We take this incident very seriously and continue to work hard not to disappoint poker players. Additionally, we are actively recruiting to double the size of our technical security team and are enlisting help from renowned security professionals to ensure that online poker is safer than ever.
We would also like to thank the poker community. This incident further proves the power of our community and the poker players’ hive minds, as constructive community feedback gave us great confidence in resolving the issue. We will continue to take community feedback seriously and open our ears to all comments and suggestions. Let’s build a safe future together. (source: https://ggpoker.com/blog/news-headlines-press-releases/important-update-on-ggpoker-security/)
GGpoker Cheating on Socials & Forums
Many online poker players have voiced their concern regarding this news via social media, in particular on Twitter, including failed online poker site owner of Run It Once, Phil Galfond:
There is also a thread regarding this issue on 2+2 forum with additional evidence and detail.
The player in question; MoneyTaker69 had a VPIP of 53%, and had a mind-boggling win rate of 90bb/100.
The probability of the events occurring were calculated as below:
Even with simulations of 1000 trials, the computer calculated the luckiest run would still show a negative return:
MoneyTaker69 also managed to bink himself a tournament in the process:
Some evidence which was put together of questionable results:
What now for online poker?
This is a huge story in the world of online poker, and will send shockwaves through the community. If this is being done on the largest and one of the most trusted poker sites in the world, then what is happening on the other, smaller poker sites people will be asking themsleves.
MoneyTaker69 had a fairly amateur strategy of using this additional information, are there more intelligent players, using this same information loop and slowly grinding results and going under the radar?
Many players have aired their concerns of this news and thought this was an issue from 10 or 20 years ago and had long since disappeared.
With GGpoker confirming they are going to double the size of the security team, is this them admitting that they were not taking the security of their site and players seriously?
A lot of questions still to be answered, but this story does not look like going away any time soon.
You can learn more about the site on our GGpoker review.
If you have played at the same table as MoneyTaker69 and have any more details you would like to share, please reach us at: [email protected]