Vulnerabilities in gambling websites in past - page 14.

LUCKMCFLY

legendary

Activity: 2590

Merit: 1882

Leading Crypto Sports Betting & Casino Platform

Quote from: khaled0111 on August 05, 2022, 06:23:34 PM

Quote from: gunhell16 on August 05, 2022, 01:13:39 AM

sometimes other casinos have issues regarding transaction confirmation taking too long.

In some rare cases, slow transactions may be caused by a bug in the casino's payment system (ex. inaccurate fee estimator) but in most cases this happens simply because the casino has bad services. It's not really a vulnerability which may be exploited to compromise the security of the platform (ie.steal customers' funds and/or data).

Quote from: stomachgrowls on August 05, 2022, 02:53:15 PM

...

Despite its importance, most casinos - especially New ones- do not invest too much (if ever) in the security of their platforms. They do not conduct security audits or have any bug bounty programs. This is why we see new casinos get hacked all the time.

It is that all these cases can be understandable, it can also be that the casino has its limits and that can be corrected, but I have seen on many occasions that casinos when they make or process their withdrawals automatically is much better than doing it manually , and as I have said in other similar threads, when I see that they make withdrawals in manual mode, I stay as far away as possible, because nobody under any circumstances can retain our funds when playing legally and achieving the objectives respecting all the rules, So this is something that must be taken into account so that you do not fall into errors of this type, which for many clients is usually quite annoying.

stomachgrowls

hero member

Activity: 3010

Merit: 794

Quote from: Peanutswar on August 23, 2022, 07:55:37 PM

Quote from: stomachgrowls on August 23, 2022, 03:11:46 PM

Quote from: |MINER| on August 23, 2022, 05:22:55 AM

Quote from: ?? on ??

~snip~

I think you didn't get the meaning of vulnerabilities . The risk you are talking about and the reputation of the casinos are completely different things. Vulnerabilities are weak systems in a website that can be used by hackers to win slots or steal money from casinos.

This do really shows that there are some users who dont really have any idea on what they are talking or doesnt know the differences in between reputation and security system talks.

And as mentioned this is totally different if you do really make out some in-depth understanding but turns out that people arent really that having the time at least. Cheesy

Vulnerability is always there and thats why companies or platforms do hire out those security enhancement kind of people on the site since this is a business
that do involves huge money then it would really be just common sense that they would be putting some emphasis.

With that vulnerability is the prone of the system or the gambling platform itself and by that the players or the users at the same time is at risk so make sure the platform has a high class of security to make sure all things are safe to do. Like mostly it is a money transactions and of course still there some chance of the system is vulnerable the hackers now grab this opportunity to steal.

With soo much money do made out by gambling platforms or businesses then it would really be just normal that they would really be putting some emphasis or importance when it comes to security.

This doesnt only ensure peoples funds but also does increase out confidence on people who are playing and to those who are tending to play when they do able to observe that this platform does have some good reputation when it comes to security which means it could hook up potential players on the market.

Vulnerability would be always there since there's no perfect security on this world but if they would be that active on putting up some updates and maintaining it then it would be fine.

348Judah

hero member

Activity: 714

Merit: 521

Quote from: ethereumhunter on August 23, 2022, 08:19:03 AM

Losing money in a casino is not a casino vulnerability but it is because of your lack of control that you experience losing money

here i think the gambler is the one with vulnerabilities and not the gambling, any error that comes from the user's end is as a result of the gambler's failure to have avoided that, moreso it's all about taking risk, so why should there be fear when the consequence is felt.

Quote from: ethereumhunter on August 23, 2022, 08:19:03 AM

But if the crash you mean is losing funds because there are hackers who can enter the casino system and take members' money, including funds in the casino, that's just a website vulnerability.

that's why every gambler need to investigate well and have recommendations on any gambling site they wanted to because some already have a good reputation history and maintain that fact not being compromised, while some casinos are already failing right before they start, but it all depends on the operators of the casinos.

radontm

newbie

Activity: 4

Merit: 0

Quote from: khaled0111 on August 23, 2022, 06:08:45 PM

OP mentioned the race condition vulnerability which seems to be the favorite vulnerability for hackers who are into this mainly for the money as it may allow them to edit their balance and withdraw more then they actually have. It will be interesting to read how it works in details!
Another common vulnerability you can find on many websites is not setting a limit on how many times you can enter a wrong password. This makes it easier for hackers to perform a brute force attack.

Yes you are right, most website have no protection against brute force. But on our last scans, we found many of them leak real server ip behind cloudflare. Found sensitive login pages, like: cpanel ftp, ssh, admin panel, phpmyadmin, etc. Brute forcing on these can be more dangerous than users logins.

Peanutswar

legendary

Activity: 1708

Merit: 1280

Top Crypto Casino

Quote from: stomachgrowls on August 23, 2022, 03:11:46 PM

Quote from: |MINER| on August 23, 2022, 05:22:55 AM

Quote from: ?? on ??

~snip~

I think you didn't get the meaning of vulnerabilities . The risk you are talking about and the reputation of the casinos are completely different things. Vulnerabilities are weak systems in a website that can be used by hackers to win slots or steal money from casinos.

This do really shows that there are some users who dont really have any idea on what they are talking or doesnt know the differences in between reputation and security system talks.

And as mentioned this is totally different if you do really make out some in-depth understanding but turns out that people arent really that having the time at least. Cheesy

Vulnerability is always there and thats why companies or platforms do hire out those security enhancement kind of people on the site since this is a business
that do involves huge money then it would really be just common sense that they would be putting some emphasis.

With that vulnerability is the prone of the system or the gambling platform itself and by that the players or the users at the same time is at risk so make sure the platform has a high class of security to make sure all things are safe to do. Like mostly it is a money transactions and of course still there some chance of the system is vulnerable the hackers now grab this opportunity to steal.

khaled0111

legendary

Activity: 2702

Merit: 3045

Top Crypto Casino

OP mentioned the race condition vulnerability which seems to be the favorite vulnerability for hackers who are into this mainly for the money as it may allow them to edit their balance and withdraw more then they actually have. It will be interesting to read how it works in details!
Another common vulnerability you can find on many websites is not setting a limit on how many times you can enter a wrong password. This makes it easier for hackers to perform a brute force attack.

stomachgrowls

hero member

Activity: 3010

Merit: 794

Quote from: |MINER| on August 23, 2022, 05:22:55 AM

Quote from: ?? on ??

~snip~

I think you didn't get the meaning of vulnerabilities . The risk you are talking about and the reputation of the casinos are completely different things. Vulnerabilities are weak systems in a website that can be used by hackers to win slots or steal money from casinos.

This do really shows that there are some users who dont really have any idea on what they are talking or doesnt know the differences in between reputation and security system talks.

And as mentioned this is totally different if you do really make out some in-depth understanding but turns out that people arent really that having the time at least. Cheesy

Vulnerability is always there and thats why companies or platforms do hire out those security enhancement kind of people on the site since this is a business
that do involves huge money then it would really be just common sense that they would be putting some emphasis.

ethereumhunter

hero member

Activity: 2912

Merit: 541

Leading Crypto Sports Betting & Casino Platform

Quote from: ?? on ??

There are many vulnerabilities in gambling so far and many of us that were a victim had learnt from the hard way of going for what has reputation and backups. I know I had used some of gambling sites that made me lost some funds because of the high profits I was making there not knowing that I was in the wrong gambling sites. When it crash many gamblers lost bigger funds that is even more than what I lost. Everything in gambling is risks.

Losing money in a casino is not a casino vulnerability but it is because of your lack of control that you experience losing money. And if you mean by crash here is the price of bitcoin dropping sharply, that's not a vulnerability either but it's because of market movements that make the price go up and down.

But if the crash you mean is losing funds because there are hackers who can enter the casino system and take members' money, including funds in the casino, that's just a website vulnerability. And it needs the attention of the casino team to fix the system and refund members' funds immediately. Otherwise, they will lose the reputation and trust of their members.

|MINER|

sr. member

Activity: 1274

Merit: 457

Vave.com - Crypto Casino

Quote from: ?? on ??

~snip~

I think you didn't get the meaning of vulnerabilities . The risk you are talking about and the reputation of the casinos are completely different things. Vulnerabilities are weak systems in a website that can be used by hackers to win slots or steal money from casinos.

Note3

member

Activity: 117

Merit: 10

Quote from: ?? on ??

Quote from: OgNasty on August 22, 2022, 02:28:17 PM

The worst vulnerability that I'm aware of was with directbet.eu during the block wars of 2017 (I believe). It was an on-chain gambling platform where you placed bets and then sent funds in to an address instead of depositing on a platform. I think this was the best way to do gambling with crypto and when users began using high fee periods to double spend losing bets it caused the site to shut down. No attempt at launching a replacement on-chain gambling platform has been made since that I'm aware of, which was a big step back for online gambling with crypto.

There are many vulnerabilities in gambling so far and many of us that were a victim had learnt from the hard way of going for what has reputation and backups. I know I had used some of gambling sites that made me lost some funds because of the high profits I was making there not knowing that I was in the wrong gambling sites. When it crash many gamblers lost bigger funds that is even more than what I lost. Everything in gambling is risks.

What you mention is not a vulnerability in my opinion, because vulnerability is when there is a loophole that players or hackers can use to take advantage of the casino to their detriment. Your story is just that you chose the wrong casino so you can't get what you've won.

Silberman

legendary

Activity: 2534

Merit: 1338

Quote from: virasog on August 21, 2022, 08:12:26 AM

Quote from: danadc on August 20, 2022, 08:26:56 PM

The greatest vulnerability of the past is that they enter a casino and steal all the funds and then the casino has the capacity to respond to each of the players, all the casinos are in danger of that, but if a very large robbery occurs What casinos can be here to respond to that? It is known that a vulnerability is a failure of a casino, but players do not have to pay for that failure or bug.

It is the duty of the gambling sites to develop sites that are bug free and there are no vulnerabilities. People deposit their hard earned money on the gambling site and if the gambling site is not secured then there are a lot of chances that people lose their money and are at the risk of hackers.
With the advancement of technology, this risk is minimized but still, the hackers and the intruders are active exploits any loop hole in the system.

It is true that casinos have the responsibility to protect our coins to the best of their ability, however it is also important to notice that since one of the basic premises of this market is also to become our own banks we cannot relinquish the whole responsibility to the casino, after all while sometime casinos are hacked and this is how criminals get to our coins, it is way more common that hackers somehow get that information from us and then they get whatever coins we had in our different wallets, exchange accounts and casinos, so it is important to also do our best to protect our coins even when we deposit our money at a casino.

khaled0111

legendary

Activity: 2702

Merit: 3045

Top Crypto Casino

Quote from: danadc on August 20, 2022, 08:26:56 PM

The greatest vulnerability of the past is that they enter a casino and steal all the funds and then the casino has the capacity to respond to each of the players, all the casinos are in danger of that, but if a very large robbery occurs What casinos can be here to respond to that? It is known that a vulnerability is a failure of a casino, but players do not have to pay for that failure or bug.

Not sure I understood what you meant to say in the first sentence but a vulnerability is a weakness in the security of the platform which, when exploited, gives the attacker access to resources he is not supposed to have access to. Depending on the severity of the vulnerability, the attacker may get access to users data, hot wallets or even get root privileges.
I agree with you that the security of the casino is the responsibility of the casino's owners and they are accountable for any losses their customers may suffer if their security get breached. But we learned from past incidences that when an online service get hacked, they will just shut down their doors and no victims were compensated.

dezoel

legendary

Activity: 2044

Merit: 1075

Leading Crypto Sports Betting & Casino Platform

Quote from: danadc on August 20, 2022, 08:26:56 PM

The greatest vulnerability of the past is that they enter a casino and steal all the funds and then the casino has the capacity to respond to each of the players, all the casinos are in danger of that, but if a very large robbery occurs What casinos can be here to respond to that? It is known that a vulnerability is a failure of a casino, but players do not have to pay for that failure or bug.

But I think all kinds of vulnerabilities have one main motive and that is to rob the website. Or I don't know, maybe some only want's to break the other website because they think it's a threat to their business. Until now there are still vulnerabilities that happen.

No casinos are safe with that even the biggest and popular ones which already has a better security because sometimes hackers are just more smarter than them, so don't blame all the casinos thinking it was their failure. Normal players who didn't do anything shady are not going to pay anything obviously but only those who are going to pay are the ones who committed the crime.

OgNasty

donator

Activity: 4760

Merit: 4323

Leading Crypto Sports Betting & Casino Platform

The worst vulnerability that I'm aware of was with directbet.eu during the block wars of 2017 (I believe). It was an on-chain gambling platform where you placed bets and then sent funds in to an address instead of depositing on a platform. I think this was the best way to do gambling with crypto and when users began using high fee periods to double spend losing bets it caused the site to shut down. No attempt at launching a replacement on-chain gambling platform has been made since that I'm aware of, which was a big step back for online gambling with crypto.

radontm

newbie

Activity: 4

Merit: 0

We made fast scans and information gathering on random sites. The most common issue is real server IP address leak. Cloudflare bypass itself is not a vulnerability, but attacker have more opportunity. Can abuse IP, brute forcing logins, etc...
Outdated applications, respositories is the other hand.

virasog

legendary

Activity: 3136

Merit: 1172

Leading Crypto Sports Betting & Casino Platform

Quote from: danadc on August 20, 2022, 08:26:56 PM

The greatest vulnerability of the past is that they enter a casino and steal all the funds and then the casino has the capacity to respond to each of the players, all the casinos are in danger of that, but if a very large robbery occurs What casinos can be here to respond to that? It is known that a vulnerability is a failure of a casino, but players do not have to pay for that failure or bug.

It is the duty of the gambling sites to develop sites that are bug free and there are no vulnerabilities. People deposit their hard earned money on the gambling site and if the gambling site is not secured then there are a lot of chances that people lose their money and are at the risk of hackers.
With the advancement of technology, this risk is minimized but still, the hackers and the intruders are active exploits any loop hole in the system.

Porfirii

legendary

Activity: 1932

Merit: 2354

The Alliance Of Bitcointalk Translators - ENG>SPA

Quote from: danadc on August 20, 2022, 08:26:56 PM

The greatest vulnerability of the past is that they enter a casino and steal all the funds and then the casino has the capacity to respond to each of the players, all the casinos are in danger of that, but if a very large robbery occurs What casinos can be here to respond to that? It is known that a vulnerability is a failure of a casino, but players do not have to pay for that failure or bug.

Players don't have to pay for the security breaches of the casinos they play, but they eventually do. It is the same case with exchanges: first, the company goes bankrupt, and then creditors are paid depending on how well they were prioritised. When the money runs out, it's over for the subsequent creditors. Another alternative is to distribute the remaining funds among all creditors, so all players pay for said failure.

Not to talk about the process, that can take years.

ethereumhunter

hero member

Activity: 2912

Merit: 541

Leading Crypto Sports Betting & Casino Platform

Quote from: danadc on August 20, 2022, 08:26:56 PM

The greatest vulnerability of the past is that they enter a casino and steal all the funds and then the casino has the capacity to respond to each of the players, all the casinos are in danger of that, but if a very large robbery occurs What casinos can be here to respond to that? It is known that a vulnerability is a failure of a casino, but players do not have to pay for that failure or bug.

I think every casino will try to keep the casino safe and can address any possible vulnerabilities by updating the security on their site. The casino must have a security team that will keep a good eye on the site and can prevent theft so that users on the site can still feel safe. With cases happening in other casinos, it will pay more attention to other casinos so that it doesn't happen in theirs. But there really isn't a completely secure system in the world because there are bound to be attacked on every type of business, not just the casinos.

dothebeats

legendary

Activity: 3542

Merit: 1352

Cashback 15%

Quote from: danadc on August 20, 2022, 08:26:56 PM

The greatest vulnerability of the past is that they enter a casino and steal all the funds and then the casino has the capacity to respond to each of the players, all the casinos are in danger of that, but if a very large robbery occurs What casinos can be here to respond to that? It is known that a vulnerability is a failure of a casino, but players do not have to pay for that failure or bug.

It will always be 100% the liability of the casino if there are some hacks or some theft on the balances of the casino. Sometimes though, if there are irregularities on the account activity, they can use that as a defense to not shoulder the lost funds of the player. But oftentimes, it is the casino that is liable for these kinds of things.

Quote from: Baofeng on August 21, 2022, 01:53:46 AM

Perhaps that was in it's infancy, wherein casino's are very vulnerable and maybe they don't have cold wallet and everything is in they hot wallet that's why hackers can get all their money. But security has involved already, and so far vulnerabilities are like people abusing the casino or even some exploits. But it can be quickly patch by the casino if they found out and that individual ban from them. Sometimes though, those exploits turns into a bug bounty for the gamblers.

This should never be an excuse that the casino should put put if they're hacked. Their top priority should be security then the quality of their games. I wouldn't trust a platform that states that their security is on its 'infancy' as that is just taking the easy way out on taking responsibility of the matter.

Baofeng

legendary

Activity: 2576

Merit: 1655

Quote from: danadc on August 20, 2022, 08:26:56 PM

The greatest vulnerability of the past is that they enter a casino and steal all the funds and then the casino has the capacity to respond to each of the players, all the casinos are in danger of that, but if a very large robbery occurs What casinos can be here to respond to that? It is known that a vulnerability is a failure of a casino, but players do not have to pay for that failure or bug.

Perhaps that was in it's infancy, wherein casino's are very vulnerable and maybe they don't have cold wallet and everything is in they hot wallet that's why hackers can get all their money. But security has involved already, and so far vulnerabilities are like people abusing the casino or even some exploits. But it can be quickly patch by the casino if they found out and that individual ban from them. Sometimes though, those exploits turns into a bug bounty for the gamblers.

Topic: Vulnerabilities in gambling websites in past - page 14. (Read 6916 times)