Aristocrat, the Australian slots developer behind games like Heart of Gold and 50 Lions, has confirmed it was subject to an extortion attempt from a Russian hacking ring, in an unsettling story that speaks to the importance of secure gaming.
The hacker, known only as Alex, spoke at length with Wired, explaining how he was able to assemble a team that netted millions from exploiting technical issues within the slots games, specifically relating to their pseudorandom number generators.
Through using his understanding of mathematics and computing logic, Alex setup a network of roving field agents, who were tasked with filming physical machines as they played, in order to calculate when the odds were pointing to a payout. Incidentally, four of his agents were caught in the act, and strung up on fraud charges in the US. However, it’s unknown how many more agents there may have been, working the gang’s method to score these consistent wins.
After central analysis, timing data could be remitted back to the phones of the field agents, telling them when to play the machines in order to exploit the odds in their favour. According to Alex’s statements, he was able to rack up in excess of $250,000 a week through this technique.
The attempted extortion came when Alex nobly decided to hang up his boots – but he wasn’t prepared to step away quietly. After 8 successful years of rinsing casinos of their money, the fraudster reportedly made an approach to Aristocrat directly to put an end to his racket.
He offered to disband the gang and to stop infiltrating their slots, a course of action it seems like he’d already decided to undertake either way, for his own reasons. But he wanted an 8-figure sum to get out the game, and said in return, he’d offer up a helping hand to developers to eliminate the problems with their games.
Further, sending through a detailed breakdown of his understanding of the PRNGs behind a couple of slots games, he sinisterly suggested that the information would be even more damaging in the hands of a direct competitor – the threat which arguably sealed his fate.
According to Aristocrat, the matter was referred to law enforcement for further attention. While the company agreed to meet with Alex on neutral territory, they reportedly refused to pay the demands.
A spokesperson for the company also clarified that there is no evidence of widespread cheating beyond the games indicated.
“Aristocrat is a high integrity company that has zero tolerance for unethical behavior. Accordingly, it did not pay nor has it ever paid extortion moneys…[there is] no evidence of any actual or potential cheat of any game title other than the handful of MkVI vintage titles previously reported.”
However, despite the company’s robust approach to dealing with the hacking ring, their credibility will take a significant knock from these events.
Slots developers thrive on their reputation, and when it comes to matters of security and fairness, that’s a particular soft spot that needs to be protected. One of the perennial fears of new and experienced slots players alike is that they are not playing a fair, random game, or that the playing field is open to being abused.
While there are always those who will try their level best to cheat casinos, most players want nothing to do with it – further, they want the assurance that they’re sensitive information is safe, let alone that they’re getting the same chance as other players to win big for their money.
Ultimately, casino operators will decide whether this undermines the Australian developer enough to be cause to switch from their games. In the interim, it serves as a stark reminder that security, and by extension reputation, should always be at the front and centre of consideration for slots developers.
And never, ever to pay ransom demands to hackers, if you want to keep your integrity intact.