GGPoker Embarrassed by ‘Superuser” Cheating Scandal

Posted on: January 2, 2024, 04:47h. 

Last updated on: January 2, 2024, 05:40h.

Philip Conneller @casinoorgphilc Read More
Expertise: Gaming Business, Regulation, Tribal Gaming.

GGPoker has apologized to its players after a “superuser” was able to exploit a weakness in the online poker giant’s software to cheat opponents out of thousands of dollars.

GGPoker, Moneytaker69, superuser
A screenshot from the GGPoker website that doesn’t show MoneyTaker69’s cheating antics that relieved cash game players of almost $30K, plus more in tournament winnings. (Image: GGPoker/PLO Mastermind)

In a statement last Friday, GGPoker said a player with the username “MoneyTaker69” had been banned from the site, and the “unfair winnings,” equating to $29,795, would be redistributed to players who had been cheated.

The operator said MoneyTaker69 hadn’t been able to see his opponents’ hole cards, but had been able to “deduce all-in equity by exploiting a client-side data leak vector.” In layman’s terms, this suggests he found a way of gaining an idea of the percentage probability of winning each hand, even though he didn’t know the precise hole cards of other players. The company has since patched up the vulnerability, it said.

“We sincerely apologize for the incident, which has caused many poker players to worry about the game’s integrity and shaken their trust in GGPoker to provide the best poker experience. We take this incident very seriously and continue to work hard not to disappoint poker players.”

Player Power

The operator claimed that its security team had “spotted unusual game patterns,” leading them to investigate the player. But the first to go public about MoneyTaker69 was a poster on the TwoPlusTwo internet poker forums.

Calling himself “GGPoker Superuser,” the poster noted that MoneyTaker69 had won 90 big blinds per 100 hands over 8,900 hands while playing at  a rate of 53% VPIP (voluntary put in pot). In layman’s terms, that means MoneyTaker69 had been on a winning streak over a large enough sample size of hands to make it almost impossible. And he did this while demonstrating a suboptimal preflop strategy, to say the least.

GGPoker Superuser also noted that MoneyTaker69 won a multi-table tournament for $47,586 “while playing an extremely volatile strategy, which aroused a lot of suspicion.”

GGPoker said it would also reconcile the payout for the impacted tournaments, along with the cash game victims. The site also praised the poker community and “the poker players’ hive minds,” adding that “constructive community feedback gave us great confidence in resolving the issue.”

Link to Hacking Group?

Curiously, “MoneyTaker” is also the name of a hacking collective that has orchestrated at least 20 attacks on banks and financial services companies in the U.S., UK, and Russia. However, there’s no indication MoneyTaker69 had links to the group. The moniker is likely to be a simple play on the name of 2003 World Series of Poker champion Chris Moneymaker — one that proved to be equally apt.

The incident recalls another “superuser“ cheating scandal where an account playing on AbsolutePoker in 2007, “Potripper,” was exposed, again by players on the TwoPlusTwo forums. The site later admitted players had been cheated over a period of 40 days and promised to refund $1.6 million. On this occasion, the superuser could see his opponents’ cards.

A similar incident occurred at around the same time on AbsolutePoker’s sister site, UltimateBet. This time, UltimateBet shareholder and former WSOP Main Event champion, Russ Hamilton, turned out to be the main perpetrator.