GGPoker Security Vulnerability Discovered: Operator Issues Apology, Bans Offending Player
Last Updated: December 30, 2023
16 years have passed since the infamous “POTRIPPER Scandal” over at Ultimate Bet, which was the biggest super user scandal in the history of online poker.
The poker world was shaken to the core a couple of days ago, when a fresh TwoPlusTwo account under the name of “GGSuperUser” posted about a potential super user account at world’s biggest online poker site, GGPoker.
According to the original TwoPlusTwo post, a user under the alias “MoneyTaker69” was caught winning at incredible win rates while playing an extremely weak style of poker over at GGPoker.
Not only was MoneyTaker69 winning big at cash games across all stakes, but the fairly fresh account also won a $150 tournament for over $47k, raking in over $60k in winnings over December alone.
The OP compiled some quick data using a variance calculator and all evidence pointed in the direction of MoneyTaker69 cheating in some way that goes even beyond the use of RTA.
GGPoker has since come out with a statement on the incident, which we will get into soon, but first let’s take a look what exactly happened to bring this scandal into the spotlight.
Massive Win Rate & Crazy Hands from MoneyTaker69
According to the Two Plus Two post that brought the MoneyTaker69 account into the public eye, the account was able to win $15.4k playing 9.2k hands across a variety of cash game stakes at GGPoker, winning at an incredible win rate of 83.9 big blinds per 100 hands.
At the same time, MoneyTaker69 was playing 53% of all hands, raising only 16% of the time, and 3-betting only 3.53% of the time, a playing style that highly resembles that of the very weakest of players in the world.
Not only was the player winning at a high win rate, but he was also able to win big both at showdowns and without showdowns, another feat that few online poker players can actually pull off.
Image source: TwoPlusTwo forum
The incredible graphs found in the Two Plus Two posts were followed up by some actual hands played by this account throughout December, all of which were absolutely insane.
In one hand, MoneyTaker69 bet and then called a shove holding J♠2♥ on a A♣7♣Q♦6♠ board when his opponent held 5♣4♣. The player admittedly lost that hand on the river, but was well ahead with his Jack-high against the Five-high of his opponent.
In another cash game hand, the offending player was able to take his pocket Deuces all the way to the river, bet the river, and then call a bluff-shove for 38 big blinds on a A♠J♦4♣3♠7♠ board to win a huge pot with just a pair of Deuces.
The hands go on and on, and one thing that is clear is that MoneyTaker69 could either see his opponents’ cards or know when he is ahead in some other way.
GGPoker Issues Statement and Security Update
Very shortly after the original Two Plus Two thread blew up and the poker community went in an uproar over the situation, GGPoker came out with an official statement.
The operator admitted that it had been aware of the MoneyTaker69 situation for several days and that the user had been suspended, as well as $29,895 taken out of his account.
This number does not seem to accurately reflect the amount of winnings the account had accumulated over the month of December alone.
GGPoker explained that their security team was able to detect some unusual user packages coming from the account, and that the user had been exploiting a security vulnerability related to the Thumbs Up/Down feature in the GGPoker client.
Through this vulnerability, the user was not able to see other players’ cards, but was able to access the calculated equities of every player involved in a pot, which would give him a massive edge in every single hand he played.
More technical explanations can be found in the official GGPoker statement, but the slightly concerning part of the statement explains that the user was able to “customize his own client” and circumvent the security update which was released on December 16, disabling the feature that was being exploited.
IMPORTANT SECURITY UPDATEhttps://t.co/M2fVAvmwQM
— GGPoker (@GGPoker) December 29, 2023
The statement also assured the poker world that GGPoker takes security very seriously and is currently working on hiring more security professionals to increase its security team, while also working with external security experts to ensure the continued safety for all players.
The confiscated funds will be distributed among the affected players in the coming days, although it does seem that the amount won by the user is higher than the number GGPoker was able to confiscate at this time.
Is GGPoker Safe to Play at?
The big question in everyone’s mind right now is certainly related to the safety of playing on the world’s biggest online poker platform, and for a good reason.
However, it does seem that MoneyTaker69 was the only user aware of the existing vulnerability, and no other accounts were found to be exhibiting unusual results and variance like this one.
What’s more, the latest security update has disabled the feature that was causing the vulnerability, and it appears that GGPoker is safe to play at for the most time.
However, it is worth being on your guard and keeping your eyes out for any suspect activity on desktop clients and mobile poker apps but without jumping to conclusions anytime an underdog wins a hand.
Will Online Poker Ever Be 100% Safe?
The answer is probably no! Just like live poker, online poker is open to all sorts of cheating attempts, and there will always be individuals trying to exploit a weakness or find a way to cheat others.
If you play online poker, you should understand that there is a certain dose or risk involved, and the best you can do is help operators do their job by reporting any suspect activity you notice.
The biggest online poker operators these days are working diligently to protect the community from cheaters and hackers, but things continue to slip through the cracks every now and then.
The best we can hope for is that operators like GGPoker take such issues seriously, address them in a timely fashion, and come out with public statements to warn us against any potential cheating going on at their platforms.
Moving forward, keep your eyes peeled for anyone winning at unusual rates or dominating his tables with wild plays, and remember to always report it to the operators and the poker community as quickly as possible.