Thursday, December 14, 2006

Your Money is NOT SAFE at Full Tilt Poker

I'm still a bit shocked about how this ended. There was very little doubt in my mind that Full Tilt Poker would make this right. I have heard so many good things from people who have had positive experiences with Full Tilt Poker's support, I didn't think this would happen.

But it is absolutely true. Your money is not safe at Full Tilt Poker. Do not keep any money in your account there. If you want to play, deposit when you play and withdraw when you exit. If you have money on Full Tilt Poker right now, log on and withdraw it. NOW. If you use Neteller, there is no fee for this procedure and it is instantaneous. Do not keep your money at the site, it is not safe. It may cost them to do so many transfers, but as long as it doesn't cost you, it is the only way to guarantee the safety of your money.

Don't ask me what to do about tournament tokens. Those will always be at risk, unless you play them immediately after winning them. Luckily they are basically worthless to a thief, since they can't be transferred or redeemed for cash.

Fortunately for me I do not keep a large portion of my bankroll at any one site, but I do (did!) leave money at different poker sites to make it easier to just log on and play. This will be especially difficult for sites that hold your cash hostage while you work on a deposit bonus.


They are claiming, without proof, that the security of my system has been compromised. I guess I can claim the same thing, that their security has been compromised. I have the same amount of proof.

I would like to see Full Tilt Poker do more to protect your money, should you decide to leave it at the site. Something simple like having the option to prevent "foreign" IP addresses from accessing your account. Just a simple check box that says "Only allow US IP addresses."


Full Tilt Poker support gave me the hand histories. The guy didn't play $.50/$1 No Limit, he played $2/$4 No Limit. The hand histories are strange because many of they don't give the names and amounts of all the players in the hands. The money was dumped in about 70 hands. The bulk of my money went to the following players.


Here's an example of the hands, notice how it doesn't give info on all the seated players?

FullTiltPoker Game #1366234086: Table Plumas (6 max) - $2/$4 - No Limit Hold'em - 2006/12/07 - 0:00:56 ET

Seat 5: 39zonk ($491.80)
Seat 6: pokerPIMP_5 ($417.20)
poly_baller posts the small blind of $2
39zonk posts the big blind of $4
The button is in seat #3
*** HOLE CARDS ***
Dealt to DuggleBogey [9c 8d]
pokerPIMP_5 folds
DuggleBogey calls $4
HarriPotter: huh?
HarriPotter calls $4
JeffreyAlan raises to $16
poly_baller calls $14
39zonk calls $12
DuggleBogey calls $12
HarriPotter calls $12
*** FLOP *** [5c Ks 7d]
poly_baller checks
39zonk checks
DuggleBogey bets $157.10, and is all in
HarriPotter folds
JeffreyAlan folds
poly_baller calls $157.10
39zonk folds
DuggleBogey shows [9c 8d]
poly_baller shows [Kc Jh]
*** TURN *** [5c Ks 7d] [3h]
*** RIVER *** [5c Ks 7d 3h] [As]
DuggleBogey shows Ace King high
poly_baller shows a pair of Kings
poly_baller wins the pot ($391.20) with a pair of Kings
*** SUMMARY ***
Total pot $394.20 | Rake $3
Board: [5c Ks 7d 3h As]
Seat 1: DuggleBogey showed [9c 8d] and lost with Ace King high
Seat 2: HarriPotter folded on the Flop
Seat 3: JeffreyAlan (button) folded on the Flop
Seat 4: poly_baller (small blind) showed [Kc Jh] and won ($391.20) with a pair of Kings
Seat 5: 39zonk (big blind) folded on the Flop
Seat 6: pokerPIMP_5 didn't bet (folded)

Here's the IP of the guy who used my account [[ ]]


Shelly said...

Holy shit. Withdrawing now (since I haven't been playing anyway...)

jjok said...

this is absolutely horrid and scares the hell outta me.

Dugs, I'm so sorry about all's not right at all, nor is their response adequate.

I assume you are going to continue to press for hand histories during this chip dump time?

Total fucking bullshit.

SirFWALGMan said...

I do not get how having a foreign checkbox would help in general.. obviously an American player could have just as easily ripped you off.. as a matter of fact it could be a spoofed foreign address..

Anonymous said...

By "foreign" they could just mean "an IP address unlike one that was typically being used". Unless they specified that it was someone outside the US, "foriegn" may not mean what you're implying.

Aside from that, THANK YOU for reporting back to us on this. You should consolidate the posts into one post so that all bloggers can link to it and spread the word. I bet Full Tilt would change their tune then.

DuggleBogey said...

All this is true about "foreign" addresses, but I don't see the harm and if it stops a few thieves, it seems like it would be worth it.

Anonymous said...

We cannot stand for this type of response from Full Tilt. They should be helping you fully investigate how this happened. I'll help spread the word about Full Tilt. I was just about to make a new deposit on Full Tilt but now I'm going to hold off. Sorry to hear about what happened. Just to be on the safe side you may want to fully check your PC for any strange registry entries and spyware.

Anonymous said...

PSA posted on my blog...hope everyone follows suit. Thanks chipper for the idea.

MathP said...

My account is still under investigation and they have not answered me in over a week.

I have no way of knowing if I have lost any money in this yet, but what you just said scares the hell out of me.

Anonymous said...

According to, that IP address is in a place called Centennial, CO.

That's assuming it wasn't spoofed, as Waffles was saying.

Sounds like you might have enough evidence to go to the Feds. Isn't hacking and wire fraud their domain?

Anonymous said...

You would think a company that makes so much money would do everything it could to ensure its players feel safe. Backlash from stuff like this costs them much more money than a refund/investigation would. I got a full refund from neteller earlier this year when my account was hacked. I've had nothing but good experiences with FT, so hopefully they will do something to make this situation right.

GaryC said...


I am dumbfounded. I have heard nothing but good things and had nothing but good experiences with their support. Please stay after them and please tell us what becomes of this. Very disturbing.
Good luck with it.


SirFWALGMan said...

Hey duggles you know that goes back to an IIS server in the US.. Probably a compromised one that got hacked. You can see the IIS welcome screen which is almost always a sure sign that a machine has been hacked.

SirFWALGMan said...

Of course that may be the theif too.. If so you could try and report him to Verizon but they are not likely to help you.

Anonymous said...

Going to withdraw tonight. I hope neteller rakes in on fees with my constant dep/withdrawl.

SirFWALGMan said...

HAHAHAHAHA! The Feds.. lol. I used to do alot of security work for a small web company.. We would get hacks (attempts, some successful before I got there) and report them to the Feds and get laughed at basically..

If you go to forum.. Look for a thread by a guy named Aequitis. His account got hacked. He got the IP info.. He traced it back to an ISP account.. then sent a legal letter to the ISP requesting the persons personal information and threatening a lawsuit.. He was then able to contact that person and threaten legal action if he was not paid back.. something along those lines are probably your only hope.. Of course this guy was a lawyer so knew what he was doing..

Good luck anyways..

Anonymous said...

For what it's worth, I just did an IP traceroute on that address, and got ", UNITED STATES, COLORADO, ENGLEWOOD, NTT AMERICA INC"

Englewood and Centennial are both Denver suburbs, but aren't one and the same. Which makes me think the dude was possibly using an ISP that assigns dynamic IPs?

I dunno. Anyway, I hope you find them. A chip dump looks obvious. Unfortunately, you're going to need a subpoena to obtain the FT server logs for the accounts associated with this user names, and while it's most definitely worth it from a "I'm going to rip out his eye balls and fuck him in the ocular cavity", it's likely to cost several times the amount of $$$ lost.

Anonymous said...

The last stop on my traceroute trace says " []"

so, does this actually mean the perp is someone from inside FTP?