DDoS attacks against Poker players using Skype gap

 
 
 

Poker DDoS Attacks

Skype’s security gap where the IP address of other Skype users is revealed has been a problem since 2010. So far, poker players were not concerned or did not hear about that issue at all.
Now, more and more poker players, mostly HU SNG regulars, reported odd connection problems while playing that resulted in the loss of their Buy-Ins. HU SNG regular ‘sa1251′ was the first to bring this to attention in his thread he made on 2+2. About a month later, ‘ownage4u’ reported a very similar problem caused by the possible distributed denial-of-service attack (DDoS attack) during a cash game hand.

Almost every poker regular, mainly coaches and forum users, have published their Skype alias somewhere on the Internet. It is easy to find it, retrieve your IP, get your connection crushed with a DDoS attack, and get disconnected at the poker table—all with less than 20 clicks.

About DDoS

A DDoS attackis an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DDoS attack may vary, it generally consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.” (Wikipedia)

Learn how it works

Using online services like SkypeGrabber, the attacker can retrieve your IP while you are using Skype – even if they are not on your Skype list. It only needs a few more clicks to use one of the online DDoS providers to block your internet connection and get you disconnected from the poker provider to steal your Buy-In.
Example, YouTube video.

Protect yourself

Update of 05/06/2013:
Microsoft released a beta version to secure the Skype IP: -→ Skype Beta Plugs IP Resolver Privacy Leak.
Update of 10/04/2013:
There seems to be a working patch that is easier to use without installing the TOR proxy program: Skype Resolvers Blocker.

We do not just offer an additional service and extra benefits with the best Skrill cashback for our clients, but also care about our client’s safety with additional Skrill help. We strictly recommend having a backup connection and either not use Skype while playing poker or to use a decent Proxy connection configured with your firewall like the following example provided by us:

  1. Download and run TOR proxy provider (very well known free proxy service).
  2. Sign out at Skype
  3. Go to Skype Tools → Connection Options
    3.1:    Use Port 9150 for incoming connections
    3.2:    Uncheck “Use port 80 and 443…”
    3.3:    Select SOCKS5 from the drop-down menu
    3.4:    Enter Host 127.0.0.1 and Port 9150 (leave authentication unchecked)
    3.5:    Quit Skype (completely shut down the program)
  4. Restart your Internet Router manually or reboot it to obtain a new IP address
  5. Run the SkypeProxy.cmd as Administrator* (right-click → run as administrator)
  6. Restart Skype that now connects over the Tor network
  7. Configure your Windows firewall to block all outgoing transfers for Skype and add a rule to send them through TOR proxy client.
  8. Use utrace or any other tracing tool to check if your Skype IP is safe.

 

This solution worked on all tested computers and connections – Use at your own risk! Please be reminded that using a proxy for logging into any poker provider or Skrill might look suspicious, trying to hide your identity. Please use this solution for Skype only!
Feel free to comment and share other possible solutions.