Vulnerabilities in gambling websites in past - page 16.

paxmao

legendary

Activity: 2366

Merit: 1624

Do not die for Putin

Quote from: LUCKMCFLY on July 04, 2022, 11:09:22 PM

A case was recently presented with a new casino, where its greatest vulnerability was in the Welcome bonus and a bonus that was assigned to Bitcointalk users, but after a few days there was a massive abuse of it and all kinds of problems were achieved. , the people who won some were the same, the fact was that they found a way to be able to exploit the vulnerability of the casino and be taken advantage of to the maximum by players, the truth is I don't know how there are people who use their intellect for this, but it was discovered that the site was a scam and it makes sense, I think that a site in these times cannot have a type of vulnerability of that style, what most deceived many is that it really looked good and a signature campaign was even carried out.

I would not say it is a vulnerability in the traditional sense of having a backdoor or being somehow easy to hack, it looks more like a purely flawed design of the offer to the bitcointalk users. It is a sign of a fishy site the fact that is poorly conceived and the offer is just too good to be true, and it is a bad thing for the community that too many of these places are out there.

Peanutswar

legendary

Activity: 1708

Merit: 1280

Top Crypto Casino

Quote from: 0verseer on July 05, 2022, 12:11:10 PM

Quote from: Danydee on July 04, 2022, 11:33:01 PM

Meanwhile there are still many sites that are still not waiting for tx confirmation before crediting the balance!

They're too eager for new betters to their sites and play games right away that skip ahead important protocols in crypto. This is why I think vulnerabilities always exist in gambling sites since the fierce competition between gambling sites force some of the security steps to be lax.

Some gambling platforms to make sure that the transaction is legitimate need to wait for confirmation mostly like almost 1 or 2 confirmations before crediting to the account the transaction ID is looks like a receipt that you really made a deposit to prevent abusing the system of the gambling platform. afaik you cant see a gambling platform does not have this confirmation before getting your funds credited.

Lanatsa

hero member

Activity: 2968

Merit: 687

Quote from: 0verseer on July 05, 2022, 12:11:10 PM

Quote from: Danydee on July 04, 2022, 11:33:01 PM

Meanwhile there are still many sites that are still not waiting for tx confirmation before crediting the balance!

They're too eager for new betters to their sites and play games right away that skip ahead important protocols in crypto. This is why I think vulnerabilities always exist in gambling sites since the fierce competition between gambling sites force some of the security steps to be lax.

Security is the most vital point that every business online should really be minding off or they shouldnt really set aside on giving out priority for it to be checked and to be enhanced because if they would just simply

neglect it out then you would really know on what would be the possible events that could happen in the future.Exploits and vulnerabilities which might result into bigger experience or even the end of your business
if things turns out to be severe.

We've seen exchange hacks or even services that we do have in the past or even we do have history of gambling exploits which do involved
huge money and if you owner doesnt really like that then you do know on what you should gonna do.

0verseer

full member

Activity: 480

Merit: 106

Quote from: Danydee on July 04, 2022, 11:33:01 PM

Meanwhile there are still many sites that are still not waiting for tx confirmation before crediting the balance!

They're too eager for new betters to their sites and play games right away that skip ahead important protocols in crypto. This is why I think vulnerabilities always exist in gambling sites since the fierce competition between gambling sites force some of the security steps to be lax.

AicecreaME

sr. member

Activity: 2436

Merit: 455

Quote from: Smartvirus on June 21, 2022, 05:52:06 PM

Quote from: LUCKMCFLY on June 21, 2022, 05:37:11 PM

Quote from: MonsterV on June 12, 2022, 03:42:29 PM

Security and stability of a gambling site is of course very important. I think behind the scenes at every gambling site there are people working day and night monitoring the case and constantly checking for weaknesses in the system. They are also learning more and more. Online gambling is something that has been around for a long time, so of course the margins of error also get smaller and smaller over time. Only arbitrage betting remains an unsolvable problem unfortunately.

Well, the issue of arbitration is somewhat more complex, it is necessary to point out that when there is a vulnerability and whoever discovers it does not say so, they only exploit the vulnerability for their own benefit and this is something that many casinos, no matter how much they monitor their security. Sometimes they do not see it, the old problems can be many, and if we start to see today the problems that are generated in some sites are many that continue to put in check sites that are new, that have an outstanding staff and security specialist and even so, vulnerabilities continue to be achieved, it really is a very difficult issue for casinos to control, only the oldest and oldest casinos manage to achieve this type of security, due to their experience.

No doubt, the security team is the should be and consist the most important part of the developers of a gambling site. As, they are charged with detecting and closing loopholes that could be exploited by prospective users/customers but, most aren't efficient in this and you can't blame them in entire. In other for platforms to spurn patronage, they tend to over leverage certain systems like there bonus offerings and this is where most customers look out to explore. More over, it becomes easier to discover certain vulnerability to a platform when you've got over a million persons as would be the case for customers, testing the platform than a mare team of 5-10 persons. Best chances should be in there ability to respond quickly when found!

It's really hard to monitor a website or gambling platform that has many users in it. Securing the gambling website from vulnerabilities to avoid being exploited and abused is a tough job for a team since they have a huge database to manage and look into. In addition, the malware or malfunction of security might happen anytime. It actually happens most during the time the developers aren't expecting it. Hence, some people manage to abuse the error and benefit from it while the gambling site is losing profit.

Although this is why the security team should double time and do their job accordingly because they are being paid to do it right. A strict checking into the system every once in a while is needed to secure the system from glitches. And at the same time, to be able to provide the right punishment for those people who abuse the system by violating the gambling site's terms and policies.

Danydee

legendary

Activity: 2576

Merit: 1248

Meanwhile there are still many sites that are still not waiting for tx confirmation before crediting the balance!

LUCKMCFLY

legendary

Activity: 2590

Merit: 1882

Leading Crypto Sports Betting & Casino Platform

A case was recently presented with a new casino, where its greatest vulnerability was in the Welcome bonus and a bonus that was assigned to Bitcointalk users, but after a few days there was a massive abuse of it and all kinds of problems were achieved. , the people who won some were the same, the fact was that they found a way to be able to exploit the vulnerability of the casino and be taken advantage of to the maximum by players, the truth is I don't know how there are people who use their intellect for this, but it was discovered that the site was a scam and it makes sense, I think that a site in these times cannot have a type of vulnerability of that style, what most deceived many is that it really looked good and a signature campaign was even carried out.

delfastTions

legendary

Activity: 2702

Merit: 1465

Quote from: LUCKMCFLY on June 21, 2022, 05:37:11 PM

Well, the issue of arbitration is somewhat more complex, it is necessary to point out that when there is a vulnerability and whoever discovers it does not say so, they only exploit the vulnerability for their own benefit and this is something that many casinos, no matter how much they monitor their security. e.

As far as I know, the struggle of the casino against such a type of fraud as arbitration is quite active. Large and well-known casinos have a confidential database of people seen in arbitrage. And the security services of all casinos that have access to this database keep it up to date all the time and supplement it with new players who use arbitrage. And then they will ban this player. So don't even try to arbitrate.
You can get a "black mark" for life.

Smartvirus

legendary

Activity: 1554

Merit: 1139

Quote from: LUCKMCFLY on June 21, 2022, 05:37:11 PM

Quote from: MonsterV on June 12, 2022, 03:42:29 PM

Security and stability of a gambling site is of course very important. I think behind the scenes at every gambling site there are people working day and night monitoring the case and constantly checking for weaknesses in the system. They are also learning more and more. Online gambling is something that has been around for a long time, so of course the margins of error also get smaller and smaller over time. Only arbitrage betting remains an unsolvable problem unfortunately.

Well, the issue of arbitration is somewhat more complex, it is necessary to point out that when there is a vulnerability and whoever discovers it does not say so, they only exploit the vulnerability for their own benefit and this is something that many casinos, no matter how much they monitor their security. Sometimes they do not see it, the old problems can be many, and if we start to see today the problems that are generated in some sites are many that continue to put in check sites that are new, that have an outstanding staff and security specialist and even so, vulnerabilities continue to be achieved, it really is a very difficult issue for casinos to control, only the oldest and oldest casinos manage to achieve this type of security, due to their experience.

No doubt, the security team is the should be and consist the most important part of the developers of a gambling site. As, they are charged with detecting and closing loopholes that could be exploited by prospective users/customers but, most aren't efficient in this and you can't blame them in entire. In other for platforms to spurn patronage, they tend to over leverage certain systems like there bonus offerings and this is where most customers look out to explore. More over, it becomes easier to discover certain vulnerability to a platform when you've got over a million persons as would be the case for customers, testing the platform than a mare team of 5-10 persons. Best chances should be in there ability to respond quickly when found!

LUCKMCFLY

legendary

Activity: 2590

Merit: 1882

Leading Crypto Sports Betting & Casino Platform

Quote from: MonsterV on June 12, 2022, 03:42:29 PM

Security and stability of a gambling site is of course very important. I think behind the scenes at every gambling site there are people working day and night monitoring the case and constantly checking for weaknesses in the system. They are also learning more and more. Online gambling is something that has been around for a long time, so of course the margins of error also get smaller and smaller over time. Only arbitrage betting remains an unsolvable problem unfortunately.

Well, the issue of arbitration is somewhat more complex, it is necessary to point out that when there is a vulnerability and whoever discovers it does not say so, they only exploit the vulnerability for their own benefit and this is something that many casinos, no matter how much they monitor their security. Sometimes they do not see it, the old problems can be many, and if we start to see today the problems that are generated in some sites are many that continue to put in check sites that are new, that have an outstanding staff and security specialist and even so, vulnerabilities continue to be achieved, it really is a very difficult issue for casinos to control, only the oldest and oldest casinos manage to achieve this type of security, due to their experience.

delfastTions

legendary

Activity: 2702

Merit: 1465

Quote from: ?? on ??

Hey Guys~
I live in indonesia and want to be an Agent in indonesia
does anyone contact me?Thank you!
TG:@gracewanwan

Since you are an Indonesian, you should know that such a good Indonesian BK8 casino has been discussed here for quite some time on the forum. Now the devs of this casino are actively developing the direction with payment in cryptocurrencies. Judging by the development and promotion of BK8, it has a good chance of becoming a world-class crypto casino.

I recommend reading this thread for more details:
https://bitcointalksearch.org/topic/m.56384676

LUCKMCFLY

legendary

Activity: 2590

Merit: 1882

Leading Crypto Sports Betting & Casino Platform

Quote from: pawanjain on June 07, 2022, 08:26:43 AM

Quote from: worldofcoins on February 10, 2022, 12:54:00 PM

There had been quite a number of Vulnerabilities in gambling websites since 2011 from satoshi dice to primedice and a lot more.

What was the total number of exploits and which ones were the lethal ones, I think that hufflepuff guy on primedice did the most damage.
The exploit was called something like "Race time condition" and I read something similar in my CS class but it was related to a banking system so it could be different.

Basically, it was giving multiple inputs to the system trying to get some response from the system in 2 places, and then exploiting the system.

Also, Is there any list for me to check regarding exploits? I'm thinking about developing something so it may come handy.

As long as there is innovation, there are vulnerabilities. Basically, if something is being created then it will surely have some kind of a flaw.
It's just a matter of time until someone figures how it can be exploited. This is why hackers and bug bounty hunters are being paid large amounts of money to find flaws in websites.
Even I am planning on to learn the art of cracking vulnerabilities but it's so damn tough to understand all the concepts.

If, in fact, if these people did not exist, the sites would be embezzled, to be able to be a type of this type of security, I think that a good course would be good, in case you are a person who understands electronics and computer science a good course that goes from CISCO to one that is White Hacker, it would be an incredible step, of course your basic knowledge must be of a high level, because otherwise it would be a nightmare to enter a course where you will not understand anything at all, sometimes programming is where you must have more skills, of course the electronics to know by what part or link the vulnerabilities enter, is something complex.

sovie

sr. member

Activity: 1274

Merit: 265

Quote from: Betwrong on June 13, 2022, 04:12:20 AM

Quote from: AmoreJaz on June 11, 2022, 06:28:09 PM

~
also, maybe not hire an ethical hacker, but run bug bounty from time to time, at least test the potential vulnerabilities of the site. the security team should not stop exploring their security options because these hackers won't stop up until they find a weakness of the site.

This is almost the same as hiring an ethical hacker, isn't it? But I personally still on the side of hiring a professional to test your site because bounties are usually too small for a pro to bother, so, just relying on them is too risky. I mean, it's better to do both.

I think the same - having a ethical hacker on board will be an edge - he would be checking the site daily and would be aware of any malfunction.
And will be accountable for any data leak. So for a casino owner - where so much of the transaction will be going on - having an ethical hacker on board will not be good deal.

Betwrong

legendary

Activity: 3374

Merit: 2198

I stand with Ukraine.

Quote from: AmoreJaz on June 11, 2022, 06:28:09 PM

~
also, maybe not hire an ethical hacker, but run bug bounty from time to time, at least test the potential vulnerabilities of the site. the security team should not stop exploring their security options because these hackers won't stop up until they find a weakness of the site.

This is almost the same as hiring an ethical hacker, isn't it? But I personally still on the side of hiring a professional to test your site because bounties are usually too small for a pro to bother, so, just relying on them is too risky. I mean, it's better to do both.

ipanks

hero member

Activity: 1610

Merit: 507

Quote from: sovie on June 12, 2022, 01:25:43 PM

snip

So the casino should adjust or calculate their funds before they can hire ethical hackers. But if they had planned to hire ethical hackers from the start, they should have allocated some funds for it and would not interfere with the allocation of funds elsewhere. Having a good security team will be able to keep the site safe and will not be attacked by other hackers or other people who have the intention of disturbing the site.

MonsterV

legendary

Activity: 2212

Merit: 1008

Security and stability of a gambling site is of course very important. I think behind the scenes at every gambling site there are people working day and night monitoring the case and constantly checking for weaknesses in the system. They are also learning more and more. Online gambling is something that has been around for a long time, so of course the margins of error also get smaller and smaller over time. Only arbitrage betting remains an unsolvable problem unfortunately.

Hamphser

sr. member

Activity: 2604

Merit: 338

Vave.com - Crypto Casino

Quote from: AmoreJaz on June 11, 2022, 06:28:09 PM

Quote from: sovie on June 11, 2022, 06:14:55 PM

Quote from: Hamphser on June 10, 2022, 01:54:25 PM

Quote from: ethereumhunter on June 09, 2022, 02:07:57 AM

Quote from: Lordrift on June 08, 2022, 11:00:51 AM

Quote from: ethereumhunter on June 07, 2022, 03:09:42 AM

It will give you something and the casino will probably reward you. It will be better for you because you are not using the leak in the server personally but can tell the casino so they can fix it quickly.

Yeah using a disadvantage of a person to our own gain is rather selfish and unethical.
However not everyone has ethics and morals,
But in every way, It is good to be good.

We don't have to follow people who think to take advantage of someone's loss, especially if it's about using the bugs of a website to attract big bucks. The money we get will not last long and there is a possibility that we will also suffer losses at another time. So better to just let them do what they are doing and if we know something is leaking on their site, we let the team know to fix it right away.

For reputable sites then it would really be that understandable that they would really be making out that immediate fix because they dont really like for the reputation to be affected thats why its understandable on such

action unlike on others which arent that popular where as long they dont get any complaints or someone who are in rage about the issue then they wont really be fixing it out since they do know that it could
really benefit them out but it all varies on the owner on how honest they are.

Vulnerabilities could really be always there thats why as a gambling site owner then you should be mindful about that because there are people who do tend
to abuse it no matter what.

HIring a ethical hacker and keeping the site uptodate can site owner away from so much trouble. Also updating the website for malfunction can be helpful too.
But the hackers are too smart and a step ahead of the webmakers and the site designer. There is no end to these vulnerabilities but some of the precautionary measures can be helpful.

softwares and other tools are getting created and developed everyday, so the vulnerabilities will always be there. it is up to the site dev team how they can possibly stop potential attacks on how they set-up their security protocols and also, being updated about it. just like any other software app, they will always have an update and if you fail to update, some features may not work.
also, maybe not hire an ethical hacker, but run bug bounty from time to time, at least test the potential vulnerabilities of the site. the security team should not stop exploring their security options because these hackers won't stop up until they find a weakness of the site.

Thats why constant update and maintenance should be default for a business and this isnt something that should be ignored because it would be costing you big if ever you do
make yourself ignore about updates and development stuffs because this is a business and a good target for those hackers yet we know that this one involves big money.
You would really be minding yourself on having everything in control or in proper check in terms of security.Tech is becoming sophisticated as years goes on which
it is really just right on making yourself aware on making out changes.

Dunamisx

hero member

Activity: 952

Merit: 555

Quote from: maestro20 on June 10, 2022, 01:16:49 PM

Well, I continued searching, and found small vulnerabilities in 2 providers.
These are iSfotBet and Bgaming, they do not give a big advantage, but there is a trace that the developers forgot to finalize some of the prohibitions.

I believe to an extent what works for you may not necessarily go along with me thesame way, in many casino games we play or let me say gambling in general, we all have individuals preference for them, i see them all to be perfectly ok to a normal standard base on their own rating and reviews but the feedback from the gamblers experience is as well very important in deriving a conclusion, what you finds here challenging may not be a matter of concern for another user and this makes it looks like all gambling sites may at one point in time have little pitfalls than other.

sovie

sr. member

Activity: 1274

Merit: 265

Quote from: ipanks on June 12, 2022, 12:00:26 AM

Quote from: Oilacris on June 11, 2022, 06:24:30 PM

snip

Sometimes they are better off hosting an event to find bugs on their site than hiring some ethical hackers because it might be expensive to hire them. It would be better if they had a security team that could also look for leaks in security holes to immediately find out and fix them before something bad happens to them. The trust factor will be important to manage, especially when it involves big money from its members. If they can keep all the funds on their site from hackers, their reputation and trust will increase.

If the casinos are already giving return to the owner. Then hiring a ethical hacker would not be a big thing. Having a person on board will be aware of all the troubles. And will be responsible to take care of the portal. This will keep data of the gamblor and the owner safe and secure.

ipanks

hero member

Activity: 1610

Merit: 507

Quote from: Oilacris on June 11, 2022, 06:24:30 PM

snip

Sometimes they are better off hosting an event to find bugs on their site than hiring some ethical hackers because it might be expensive to hire them. It would be better if they had a security team that could also look for leaks in security holes to immediately find out and fix them before something bad happens to them. The trust factor will be important to manage, especially when it involves big money from its members. If they can keep all the funds on their site from hackers, their reputation and trust will increase.

Topic: Vulnerabilities in gambling websites in past - page 16. (Read 6916 times)