|
I made this post on 2+2 in 2007, but it still applies today.
This is in reference to SteveDaPimp, who hacked AOL accounts and then requested poker passwords for accounts that were registered to them.
================================================================================
===================
Regarding recent hackings of AOL/AIM:
1) AOL and AIM are NOT the same. SteveDaPimp is the one responsible for the recent AOL hackings. He has been doing so from the inside -- he has some sort of administrator access that allows him to freely see the password of any AOL account he chooses. This isn't a guess. It's a fact, and he demonstrated his ability to do this to one of my friends (who was one of his victims). Once he has those AOL passwords, he simply requests the passwords for all poker accounts registered to that e-mail address. He also scans the incoming/saved e-mail for all personal information, as well as info on other pros. For example, if Howard Lederer sent John Juanda an e-mail last month saying, "You were hilarious at Red Lobster last Saturday!", Steve could now contact Howard pretending to be John, making reference to Red Lobster last month in order to "prove" he really is John Juanda.
2) AIM, while owned and operated by AOL, is a different system and apparently not vulnerable the same way AOL is. I do not know of any hackings of AIM itself at this time, though it wouldn't surprise me if that system was also compromised at one point. In most cases, AIM passwords are hacked by use of a keylogger.
3) SteveDaPimp's typical MO is to impersonate known pros in order to get money "loaned" to him. For example, he once created an AIM account named "ToddWitteles" to impersonate me. He asked various people to "trade" money between two poker sites, while obviously not planning to send his part. He assumed that I would be blamed for it, which I was at first until it was cleared up and I fortunately had the poker site (Party) return the money to the victim. He has done this to countless other pros, including Paul Wasicka, Twin-Caracas, and many others. In addition to creating phony pro AIM accounts (I stupidly never registered ToddWitteles on AIM, so he easily took it for himself), he also has hacked a number of them through keyloggers. Once he gains control of them, he does the same thing (requests to borrow money under the AIM accounts of trusted pros.) He also did the same with many of the AOL accounts he recently hacked, as AOL and AIM accounts communicate over the same network.
4) Here is how you can prevent SteveDaPimp and others like him from victimizing you in the same fashion:
- Do not have ANY poker sites registered to an AOL address.
- Register every poker site to a different e-mail address. Also, make sure each e-mail address (perhaps one you create on Yahoo or Hotmail) does not have a connection to you. Don't use them to communicate with other poker players, and don't make them easy to guess. For example, create one like "desklamp344@yahoo.com" -- something random that nobody would associate with you. This way, even if Steve does find a way to compromise Yahoo, he won't know where to look for your account.
- Do not EVER accept attachments or direct connect requests on AIM without knowing FOR SURE that you are talking to a trusted party. The only way you can do this for sure is to call the person and ask if it's really them talking to you right now. I wouldn't trust an AIM attachment from my own mother unless I first called and asked if it was really her I was talking to.
|
Jun 5 2009, 03:04 AM
