Topic: FORTUNEJACK.COM |Deposit 777 play with 1777 mBTC |Live Casino, Slots, Betting - page 240. (Read 464882 times)

As s leading crypto casino in the world, securing company digital assets and keeping user data secure from various online threats is a top priority for us. So far, we have rolled out successful application security strategy as a defense-in-depth approach, constantly adding additional layers of protection to reduce the risks, attack surface and to prevent and detect real-time cyber attacks on the FortuneJack resources.

Especially we pay a lot of attention to ATO (Account Takeover) protection, preventing attackers from compromising user accounts through brute-force or credential stuffing attacks.

In addition, we offer multi-factor authentication (MFA) as a service for our customers, which is the top-of-the range among other solutions.


P.S - If there are any concerns regarding the MFA or account takeovers, feel free to get in touch with us. We would gladly answer all of your questions.


FJ

They dont send mobile confirmation code again.
Is there anybody else with the same problem?

Change your pm settings so I can message you, or send me you

You should probably read the FAQ and preceding texts more. It's actually 29 picks (only 16 now because we don't know who progresses). Yes, it's virtually impossible but along the way there's plenty of prizes to win. All you need is ONE 3-win streak and you get a 3mbtc freebet, which will mean you've already more than up for the entry fee. I think the odds of coming out +EV on this one's really high!

I'll share my picks ONCE my streak ends, haha.

P.S. Anyone want to test Squasha? I don't want to create a new account=) It does seem like something to look into... from the effort he's put into his posts.

Apologies for my delayed response, it was a hectic weekend, but I am now able to finally sit down at my pc.

To clarify, this doesn't allow the ability to alter/change a 2fA on account by just knowing the username. In order for an account takeover to be necessary, both the username and the password need to known. This is done through brute forcing, credential stuffing, phishing attacks, and other types of malware such as clippers or cookie stealers. There are many ways your login details can become exposed on the web, and this is an entirely separate topic itself.

When you have 2fa enabled, after you enter your login details, you are presented with a screen asking for the 6-digit code which revolves in a timed rotation on your Google Authentication app. For an attacker, this is where the dead end would normally be. Without access to the device which has the authentication set up, there is nothing you should be able to do which would side step this.

This is not the case for Fortune Jack. This 2FA feature is useless if an attacker knows your login details.


Fortune Jack never responded to anything I wrote them, whether it was through a direct email, making an account on their support site, talking to their live chat, etc.

For reasons unknown to me, this is not important to Fortune Jack, as I never did, and still haven't received as much as a single word. They close my open reports with them, they respond to other people commenting on this thread, I really just do not understand it.

When a user creates a new account, the first thing you see in big, bold red letters at the top of the screen states, "DUE TO THE NATURE OF THE ONLINE GAMBLING INDUSTRY, ACCOUNT TAKEOVER IS EXTREMELY HIGH. PLEASE SETUP TWO-FACTOR-AUTHENTICATION TO ENSURE THE SAFETY OF YOUR ACCOUNT" (might not be word for word, but it is something close)


This is not any kind of bait or phishing attempt.

This can be replicated as many times as you like. If someone makes a new account (The information used can be all made up and not tied to you at all) and enables 2FA, if you supply m e with the login username and password to the account, I can have full control of the account in less than a minute.

I am more than happy to do this, and to show you that what I am saying is valid. However, if you don't want to believe what I am saying, that' 100% up to you.

I made this post to tell the players of Fortune Jack, that you are using a system with a completely flawed security practice. The company in charge of holding all your balances and account info safe, doesn't seem to give a shit. I will tell you right now though, that if you log into your account and some malicious actor drained your balances, Fortune Jack's response to this will informing you that you have two-factor authentication setup, and this ensures only YOU are able to log in to your account.

Of course it seems easier,,, because there are only 3 outcomes in a football game, but there are many many more scorers and chance for them to put the ball in the net in a game. I still think a free game like Jackmate is worth to play though, do you not?

BTW it is ban for 2 years. Starting next season. And City are appealing.

This is not 5 years its just 2 years and this promotion is starting from 19February 2020 because now we are in knockout round of Champions League as @jostorres saying its really big challenge even we are going to predict win lost or draw I am also feeling this is not going to be easy because its not about 6 or 7 matches we have to predict 16 matches for 10 bitcoins and if someone can achieve then surely he is going with double or treble winning with this but going to join this as its very attractive and need something from us.

Well , predicting the winner of a game seems relatively easier then predicting the goal scorer . so we might have a chance , even if it's a small one , I think it's still a better one then with jackmate.

But I'm curious about something , recently it's been announced that Manchester City was banned from all UCL games in the next 5 years ? Will this affect the upcomming games ? or is it starting from next year.

We have been here trying to do jackmate from the start of the season and I have not heard anyone reach the 7/7 at all, and that was just 1 bitcoin one, this is more like a 16/16 and that is really looking impossible for 1/2 as well, there is no way anyone is getting that 10 bitcoin, they could have named it 100 bitcoins and nothing would change since I doubt anyone would get it anyway.

However, the great thing about fortunejack is the fact that they realize nobody may win that so in order to help us get motivated they put a lot of rewards to lesser wins and allow us to make a good amount of money or free bets etc with a lot lesser streaks so that we would get at least something even if we can't win the big prize so there is always a reason to join to get those.

This must be a bait, there's no way you can disable 2fa. Try on acc jalef14

Finally, some more good news. I have waiting for an announcement of a champion's league game for a while now. winning that 10 BTC would be super awesome and it would need someone to be super lucky. Let the games begin. 

That does sound like a very serious threat if that's true, that should be taken care of very quickly if it is true, normally even the smallest bugs should be fixed and this sounds like something a lot more serious than just a small bug in the system, this sounds like a very very serious problem that could see everyone's accounts stolen if anyone wants to. I am not a developer nor a coder so I have no idea how that is even possible considering 2FA suppose to be the real savior when it comes to account protection but seeing how that is possible makes me scared of now putting any money into my account.

Hopefully, fortunejack finally respond to him and sees whats wrong and what could be done, pay the dude for his work and then fix the issue to cover it up.

Thanks for the confirmation FJ, this makes it a really, really good contest to participate for just 1 mBTC. I've been really shitty at picking 1x2 but I do fancy my chances of getting at least one streak that's more than 5, and I especially don't see a draw in the first round of 16 matches.

Good luck to all, and BugSquasha, perhaps your bug is not replicable?

@Bugsquasha that’s a serious allegation and I hope you’ll be able to prove it if someone can provide you with a account, however @Pmalek has correctly pointed out that none of us can have more than one account and therefore we can’t provide you with a account but I’m hoping team FJ will investigate your claim. Furthermore premier league is back so here are my picks: Bruno, Aguero, Girioud, Salah and Ali.

It is against the rules to have multiple accounts so that shouldn't be done. But someone who has never gambled on FortuneJack could create a new account and send you the details. I am really curious how this will be resolved.

Is anyone who has no account interested in trying this out? 

Let me first start out by saying I was very optimistic about the "bug bounty" program which I saw posted by Fortune Jack throughout numerous boards, but after my experience today, and I can safely say that it is backed by absolutley nothing on their end.

I sent numerous emails to their support team, I was told to email different members of their team after creating an account, and no one would even answer a single question I had about their program and the scope involved.
Online casino's do not have a history of running their own bug bounty programs, nor do they work with outside companies. I took great care to approach them as professionally as possible, and not have the tone as if I was attempting to use my knowledge to extort them into paying a high bounty. After over 14 hours, not only did they never take a minute to acknowledge me, my questions, or anything at all, but they also closed my ticket without with a single word.

Can't say that I am shocked though, so after trying and failing to take the path they created for these situations, I would rather alert the playrbase of Fortune Jack to the complete disregard they have shown regarding a severe vulnerability.

Literally every single one of your accounts can have your 2FA bypassed, reset, and resigned to any device a malicious actor decides to. The process takes less than 20 - seconds, and this makes account takeover an easier process than actually registering for an account in the first place.

I have been a long time player at Fortune Jack myself, but I just wanted to at least get the word out to the Bitcoin Talk community that I would strongly consider not leaving any funds to sit in your wallets. If this reaction from half a dozen of the workers at this organization, I have no faith in their ability to keep your funds secure.

This entire process is also only possible because of their negligence and their code. This does not involve any payloads to be done on the attacker end.

Be alert, and be safe out there with your funds. Hopefully companies begin to take their customers security more seriously in the future.


Edit: If you would like proof, make an account (DO NOT SEND ME YOUR REAL, LIVE ACCOUNT) and link a 2fA with Google Authentication. I will have it disabled and resigned to my own number in less than a minute.

Nice competition FJ, I hope I was one of the first to place my bets. I went for broke on the Last 16 rounds, made all my picks without a single draw! One question that's not very clear. If you get a streak, let's say 3-wins. And then you lose on the 4th, it resets to zero. But if you get another 3-win streak, do you win the prize a second time as well, or is 1 prize winnable only once?

Also, is the 1mBTC fee payable per stage or is that only a one-time fee?

It's a very cool concept, but the rules are a bit hazy on some parts. Sorry to ask;)


Ah then one aspect where we are different is I don't pick the favourites. I simply pick based on striker stats as I explained. So at times I'll be picking Ings even with Saints as the underdogs, or even Rashford at times when I bet on the other team.

Definitely a hard contest, I've only got 5/7 once as I said and that was earlier in the season (and I could have got 6 if I didn't switch!). I stupidly bet my prize on a parlay that actually almost won... but the last leg was a Liverpool win against Napoli haha.

you're absolutely right! 

I have literally played exactly like that for the past weeks for example. I have picked the team that was the favorites to win the game, I also picked the player that scored the most goals for that team so far in the season, removed injuries and red cards etc (or maybe even fatigue benched if I know it will happen) and just let it be.

So far best I have done was 4/7 for example at the early season and it comes out to average 3/7 most of the time, mainly because the teams I pick do not play as well as I imagine instead of players not scoring, when the team I picked wins, the player I picked usually scores as well (of course sometimes that doesn't happen neither but less likely). So, it is hard to figure out which 7 teams will have a score, sometimes there is even 0-0 results.