The online poker community has been rocked by the revelation of yet another superuser scandal. The online poker site GGPoker admitted in early January 2024 that a superuser account called “MoneyTaker69” had exploited a weakness in the platform’s software, enabling cheating at numerous cash game tables.
This incident reignited concerns about security and fair play within the online poker ecosystem, impacting player trust and raising questions about GGPoker’s internal controls. The superuser scandal has been an embarrassment for the poker platform as it scrambles to do damage control.
The embarrassing news comes just months after GGPoker made headlines for a story of a Twitch Streamer winning $2.7 million in their World Series of Poker Online event. The dream run seemed to showcase the platform’s poker economy firing on all cylinders right before things took a turn.
The Superuser Scandal Timeline
We must admit that all the details about the vulnerability and the extent of the “superuser” account’s actions have not been made public. What is known is that a concerned poker player started a forum thread airing suspicions about another user called “MoneyTaker69” engaged in cheating on GGPoker.
On December 28th, 2023, a user going by the name “GGSuperUser” made a shocking discovery on the TwoPlusTwo poker forums. They had analyzed the play of another user, “MoneyTaker69”, and found that they were winning at an unheard of rate of 90 big blinds per 100 hands. This raised immediate red flags, as such a win rate would be practically impossible against skilled opponents.
GGSuperUser’s allegations set off a chain reaction in the poker community. As other pros scrutinized MoneyTaker69’s play history, more proof emerged confirming the exploitation. Hands clearly indicated the account consistently made optimal decisions that require knowledge about the opponents’ cards.
However, GGPoker confirmed the account held access to privileged information, potentially allowing the holder to see opponents’ hole cards. This advantage resulted in significant wins for the “MoneyTaker69,” at the expense of other players.
GGSuperUser presented data showing that over 8,900 hands were played by MoneyTaker69 in December alone. According to the superuser’s analysis, the cheater had accumulated almost $30,000 in profits, in addition to tournament winnings.
GGSuperUser brought up the fact that MoneyTaker69 had won $47,586 in an MTT using a very unpredictable strategy. A representative from GGPoker acknowledged this privately and guaranteed that an official announcement would be released shortly and then followed by a full investigation into the matter.
GGPoker’s Initial Response
With proof circulating on public forums that cheating had occurred under their watch, GGPoker had to act swiftly to salvage trust. They released a statement announcing a thorough investigation into the superuser allegations. GGPoker also asserted countermeasures were already enacted to stop further abuse.
Initially, the poker platform revealed the offending account belonged to an employee of a third-party data company contracted by GGPoker. The unnamed individual had found a way to improperly access competitors’ card data through their company’s software integration. GGPoker stated they severed ties with the firm and closed security holes.
Given the lengthy time period the vulnerabilities existed, and the highly valuable data accessed, there are concerns more accounts beyond Moneytaker69 may have cheated. Even casino games like video poker, which rely strictly on luck and mathematical skill rather than opponent reads, could be compromised by cheaters.
After reviewing logs and data, GGPoker investigators were able to confirm the “abnormal game client packets” and “unusual game patterns” that had been detected. They traced this suspicious activity back to a vulnerability in their software that MoneyTaker69 had exploited.
Those acquainted with GGPoker are well aware of its thumbs up/thumbs down feature. The purported cheater “MoneyTake69” discovered a flaw in this functionality, enabling them to rig their game client.
By using this method and identifying attack methods in Adobe Air, the alleged hacker calculated their equity to determine their chances of winning at showdown. Knowing the value of their hand compared to their opponent’s hand helped MoneyTaker69 make optimal choices.
While not able to see other players’ hole cards like in past scandals, it is believed MoneyTaker69 customized their client to deduce all-in equity and guess win probabilities, gaining a significant advantage. This is far from the only scandal to hit the world of live and online poker in the past few years.
Last year, Dan Smith, who finished sixth at the WSOP $250k buy-in Super High Roller No-Limit Hold’em event in Las Vegas, accused Martin Kabrhel of cheating. The Czech player went on to finish 3rd and took home $2.3 million in prize money, according to CBS Sports.
Refunds and Changes
GGPoker acknowledged through a blog post that the integrity of their games had been compromised and apologized to affected players. MoneyTaker69’s account was permanently banned and their ill-gotten gains were confiscated.
GGPoker also refunded an estimated $75,000 to other players who lost money during the period of exploitation. As a preventative measure, GGPoker temporarily disabled the feature MoneyTaker69 had leveraged until a more robust security update could be implemented.
A spokesperson for GGPoker has also said that the company will be expanding their security team over the coming months to guard against future incidents.
Investigation: Cheating Didn’t Involve Hole-Card Exploit
Although similar, the GGPoker superuser scandal isn’t exactly the same as prior poker site breaches. Security experts for the online poker site have said the suspected hacker wasn’t able to see anyone else’s whole cards, nor were they able to access GGPoker’s servers directly.
Instead, they were allegedly able to make superuser-like moves by determining their own statistical all-in equity in certain situations. This still conferred an unfair advantage not available to other players.
Another curious element is the username itself, MoneyTaker69. Although unconfirmed, there is an infamous hacking group that goes by the name MoneyTaker. This group engages in exposing vulnerabilities at major companies as a type of “white hat” hacking. The money taken is later returned to prove the weaknesses existed.
The “superuser” scandal shook the online poker world and damaged GGPoker’s reputation of having fair and secure games. While not as directly compromising as past hole card-viewing cheats, it still represented a serious failure of protections. A tweet from GGPoker has also confirmed that the $47,586 MoneyTaker69 won in tournaments will be redistributed to players.