Hackers breaking random number generators demonstrates how lottery industry's reliance upon computerized drawings is bad idea
An international syndicate of Russian hackers that cashed out millions from slots in U.S. casinos over the years is focusing its efforts on South America and Europe after busts in Missouri and Singapore.
The Russian syndicate most recently struck in Peru, a security consultant to slot-makers told a group of U.S. regulators at a Las Vegas conference Thursday at the Luxor organized by Gaming Laboratories International. Wired magazine first reported the story about the syndicate last month.
The existence of the Russian group, which might have been operating for as long as a decade, was first spotted in Missouri in May 2014. The FBI made its first arrests later that year. Singapore police caught syndicate members cheating in May 2016.
Details about the group are still emerging. It might consist of between 40 and 70 individuals with a headquarters in St. Petersburg, Russia.
"It took us 10 years to finally spot these guys," consultant Rex Carlson said. "It is so insidious; it is really hard to see. We are finally arriving at a complete story now."
The syndicate figured out some of the inputs of the random number generator, or RNG, of certain machines and manufacturers. That enabled the hackers to better determine when to hit the button to win.
The syndicate used an elaborate scheme with plenty of computer firepower, Carlson said. So-called scouts would initially troll the casino floor and send back video of slot machines the headquarters was familiar with. Hackers would then put the video on their computers and reverse engineer aspects of the machine's RNG over the course of several weeks.
Next, foot soldiers would be sent back to play the machines. They would be armed with two phones, one in their shirt pocket that took video of the slot screen and one in their pants pocket. The phones had four applications representing four manufacturers, including Aristocrat Leisure Ltd. The pants pocket phone would buzz when it was time to hit the slot button.
"At first look, it would seem like an RNG that is really hard to beat. But these guys managed to do it. They have a lot of computer resources available to them," Carlson told the group.
The group focused on machines that were used in casinos around the world so it could continuously move from state to state and country to country. It also kept its winning average low so as not to attract attention. The group used secured communications, rented large servers around the world and paid footmen in bitcoin to avoid detection.
An Aristocrat company spokesperson said it is aware of only a handful of reports of suspicious activity on a legacy installed base of over 100,000 Mk VI machines around the world, most of which are outside the United States. Aristocrat has received no reports of suspicious activity from the USA since 2014, the spokesperson added.
"Computing has moved along so fast that we now have bad, smart guys that can create algorithms to beat RNG if they aren't complex enough," Willy Allison, casino game protection consultant and owner of World Game Protection Inc., told the crowd. He and Carlson said so-called cryptographic-secured RNGs would help prevent such hacks.
Allison said many U.S. casinos aren't well-prepared to deal with the new generation of cheats, with some still using techniques "photocopied" from Atlantic City and Las Vegas 25 years ago.
Casinos need to hire more technology-savvy security professionals, Allison told the crowd.
Thanks to eddessaknight for the tip.
If man can Make It man can Break Into It!
It makes me wonder about the RNG lottery games. Are they at risk?
Stay with the physical ball games.
Sure they at risk Music. Our very own chief bottle washer has been saying it for years.'Tis part of his signature.
It used to be that you couldn't film or photograph in casinos, mainly for security reasons such as casing the building and filming cctv locations.
I wonder if this is the real reason.
It seems every where I read lately, from politics to gambling, the Russians are behind some sort of prank to cause problems. I think it's time to step up a defense with these clowns.
Mechanical ball drawings is the long and short of it. Preferrably without those 'hacking pre/post-tests' also. These Russians are running rampant with their cyber technology...which they actually warned us about not very long ago. Will post the information in the blogs later. This is serious.
It's what people call " white privilege."
Now if Nigerians were casing a casino looking up cctv locations etc? Game Over Max.
Many many years ago, my path crossed with Gus, the Umbrella Man. Gus was a thief who wd enter stores, stuff the unpaid merchandise down an umbrella he carried, and unsuccessfully walked out. Gus made the big time when there was an outage at a casino and then he won $1.7 million bucks from a slot machine. It was headline news in the SF Bay area. They were looking for Gus but when they went to his room, all they found was his pacemaker. So, then the headlines were speculation about Gus being a victim of "foul play." He wasn't. He was deeply involved in the heist. It all seemed like a forgotten dream until some years later, I ran across an obituary for Gus. When I would later try to find info on him, I could never remember his long Greek name. This article made me do a serious search on him and I found this article. It seems to omit some facts as I recall them, and I think that is deliberate. Anyway, he was a funny guy:
http://www.nytimes.com/1983/09/24/us/computer-wizardry-led-to-1.7-million-slot-machine-jackpot.html?pagewanted=all
It doesn't say from article or it was proven that they changed/altered the machines Rng's, so i don't get it why are they called hackers ??
Looks like they figured out the algoritms used by the machines using their own intelligence/skills plus computers,which is what a lot of us on LP are trying to do anyway. So are LP members hackers ??, b/c we are organized in a large group with many members connecting daily, some using precision build software to figure out the lotteries Rng's ?
Here's an idea. Let's not let hackers into the rooms with either the RNG machines or the ball machines.
Anything running on computers can always be hacked. It's men that create this stuff, someone is always going to be smarter . Stop the RNG in lottery
MaximumMillions,
Those weren't the only reasons. People who were supposedly on 'business trips' didn't want to be photographed anywhere in Vegas.
The California Hotel/Casino was the exception to the rule, people could take all the photos they wanted.
You are right of course. I guess in some circles any gambling is frowned upon and some people told their spouses one thing while doing another (with someone else).
They'd just have to show their Nigerian prince papers and they'd be on their way.
From Russia with Cheats!
Watch this educational video to win $100 from slot machines every time.
Aye Coin, good points taken
Speaking briefly, from ground zero gaming Las Vegas:
Invisible forces, that we don't know, affect us much more than what we do know.....
Super computers reduce unknown variables, more & more, every day to variables thus directly impacting the 'chance' factor and increasingly putting gambling itself at risk.
If you remember back a few years, one of the fav slot cheat tool was the clumsy & risky mechanical 'monkeys paw' There have been so called algorithm devices and now another darling cheat slot gizmo is remote hand held (in pocket) electronic that product that emits an energy of either a ultra high frequency sound or infra ray beam from an ostensibly passer by. Security really having a tough time with that one.
The old cat & mouse or cops & robbers game continue everywhere- better mouse traps - smarter mice.
Never Say Never......
Eddessa_Knight with One
Light of Truth
Veritas lux mea est
eritas lux mea est
Aye Coin-
Invisible forces, that we don't know, affect us much more than what we do know.....
Meaning here super computers are constantly reducing the gaming unknown variables to the known, thus impacting greatly on outcomes.
Here @ ground zero gambling, there were active gambling actor that were very proficent
LOL! is this satire?
Thefts and frauds on electronic gambling machines are not new. They have often involved the use of custom-made gadgets such as ‘Kickstands’ or ‘Monkey Paws’ to disrupt the inner workings of slot machines. These tools have been developed by reverse engineering the manufacturers' machines and then customizing them to defeat the official software or hardware. For example, ‘Magic Wands’ are miniature light devices with camera batteries, which cheats use to blind the internal optical readers of slot machines inducing them to coin out on command. Organized into mobile teams of two or three members, slot cheats of this sort usually attack multiple machines at multiple sites for small payouts (CA$1,000 per hour) thus minimizing suspicion and avoiding detection
Other groups develop sophisticated ‘cracking’ techniques by using microprocessors, micro-controllers, computer hardware and computer programming languages. By developing and deploying a computer program that simulates the random number generator (RNG) algorithm of a gambling machine, by establishing an extensive information base on gambling combinations and by using a computer generated search mechanism, hackers have uncovered and exploited the RNG payout codes of VLT machines. One law official described in an interview the modus operandi of VLT cracking:
Three subjects would travel to a business with VLTs. First person would stay in the vehicle with a lap top computer, radio equipment, etc. Second and third subjects would enter the business. The player would be outfitted with a video camera, communication equipment, an ear piece and a power source. This person would focus the camera on a terminal screen and relay the playing/spinning of the screen to the operator in the vehicle enabling the computer guru to determine where the screen was in the random mode. From here the person with the computer using high speed equipment could tell how far away the terminal was from paying out. When the device was close to paying out the person inside the business would be told to increase the bet from five credits to 50 credits.)
As u can see, u need a team of highly skilled experts to hack slot machines. Someone with mechanical aptitude to reverse engineer a slot machine to know the mechanical aspect of it, then someone with a computer software knowledge needs to tinker with the software and look for flaws to exploit. Every single computer software has at least one flaw, plus most programmers create a backdoor to reaccess the software later. A hacker can find these and have a complete control over a software. Finally, a team of hackers and crackers are needed to get online to do the damage. DDOS attacks are also increasingly common to disrupt the online gambling sites' money exchanging schemes.
The slot heist I linked to, happened in 1983. They say the machine computer chip was tampered in some way but they do not go into specifics. The mistake of the thieves was to go after a $1.7 million jackpot.
Sure wish there were some Russians around to help me last week in Las Vegas.
My last night there looked out of the hotel window to Venetian and started getting 'go there that feeling'. Didn't go, but next day talked my Brother and his wife to go. Even though it was right out front, it was still three long blocks to get there. Anyway Brother hit a jackpot while there and was so glad I suggested we go there.