Cheating’s bad. Stealing’s bad. Most of us agree on this. However, when it comes to someone owning a casino, it is hard to avoid that “hell, yeah” moment. Especially when someone does it using their superior skills and intellect, not guns and force. Although it is wrong, there is usually a bit of David vs. Goliath moment somewhere in there, which never fails to impress us.
Beating casinos in their own game isn’t easy, with all the safe triggers and layers of protection. However, a group of Russian hackers did just that, by cracking the Random Number Generator for a particular make of slot machines. From there on, it was just a matter of pressing the buttons at the right time and raking in the money.
Things started to unravel in July of 2014 when the Lumiere Palace Casino in St. Louise noticed there was something off about their slot machines. Namely, the slot machines have paid way too much across the span of a few days. Since there were no big jackpot payouts to account for this anomaly, the casino figured something was amiss.
But, they had no idea what.
So, they’ve started going through their security tapes, looking for anything out of the ordinary. Soon enough, they identified a man who was playing slots at the premises for the past few days, exhibiting strange behavior.
He’d first sit down for some spins, holding his iPhone close to the screen (presumably recording). Then he would walk away, only to return a bit later, and that’s when his winning streak would start. The man would turn $20 or $30 into a few hundred or even a grand, but he never did anything that would suggest he was tampering with slot machines.
The only unusual thing was the waiting time between spins.
Usually, slot players will be in a hurry to get to the next spin. This man was very calm, methodical, and patient. His hand would hover over the spin button for prolonged periods before finally triggering the spin. It was unusual behavior, to say the least, but the casino staff had no idea what was up. They obviously couldn’t ask the mysterious player, as he was long gone.
Unable to solve the riddle, the casino called in the Missouri Gaming Commission. When they connected dots, it turned out that the Lumiere Palace was just one of many casinos that shared a similar experience. The common theme in all occurrences was that perpetrators had their phones close to the slot machines, and every time the machine in question was an Aristocrat Mark VI model.
Authorities were able to identify the Lumiere Palace mysterious player as Murat Bilev. He was a Russian national who had left the country by the time investigators were able to figure things out. But, he would return soon, as there were no slot machines to take advantage of in his native country.
Putin’s Gambling Ban
Back in 2009, during his time as the Prime Minister of Russia, Vladimir Putin outlawed nearly all gambling activities in the country. This put numerous casinos out of business, leaving them with hundreds of slot machines they had no use for. Trying to get at least some cash back, the casinos would sell these slots to anyone interested in buying them.
With gambling being outlawed, many of these machines went to counterfeiters and scammers, looking to crack the underlying code.
Slot machines function based on a pseudo-random number generator. Their output may seem random, but it is, in fact, governed by certain recognizable patterns. These patterns are generated by a number of internal and external variables and are hard to discern.
Hard, but not impossible.
Given enough private time with a slot machine, a capable engineer would be able to figure out what makes it tick. Once that happens, it is only a matter of pressing the button at the right time, and more often than not, the player will end up with a winning combination.
Of course, even when all the variables are cracked, it isn’t as simple as sitting down and winning. You still need to figure out the initial variable for every particular slot machine (like the time on the internal clock). That’s why the video of slots in action was required – to decipher this critical starting point.
Cracking the Operation
Once things started to unravel, a security expert Darrin Hoke was able to identify 25 potential operatives working in casinos across the globe. Agents with the Department of Justice were able to arrest one of these Russian agents in California, confiscating some $6,000 in cash and, more importantly, several cell phones that were used in the cheating operation.
The arrest finally shed some light on the operation. Russian engineers were able to crack the pseudo RNG code of Aristocrat slot machines, and the operatives were sent to casinos around the world to take advantage of vulnerable machines.
They would first record some twenty spins, uploading the video for Russian engineers to analyze, and then they’d return to play. The software sends out timing markers to the player’s phone, 0.25 seconds before the player should press the button. The delay accounts for the human reaction time.
Although not successful 100% of the time, these markers ensured far more frequent payouts. The strategy worked very well, and scammers were able to win thousands every day while keeping their winnings relatively small (under $1,000).
Tip of the Iceberg
As expected, Bilev returned to the States, expecting to continue the profitable operation. However, the police were waiting, and they were arrested after the security spotted him and three of his colleagues in the Hollywood Casino in St. Louis.
Bilev and two others accepted plea bargains, being sentenced to two years in federal prison. The fourth conspirator, Yevgeniy Nazarov, didn’t share the same destiny, as he decided to help the police with the investigation. However, there wasn’t much Nazarov or the police could do to stop the operation, as arrests made Russian operatives very careful.
The only real solution would be removing all the machines with the cracked code and replacing them with new ones. That’s not going to happen because the move would be so costly that the take of Russian scammers pales in comparison. Since the machines are technically in perfect order, there is no legal ground to have them removed, either.
So, the Russian operation will continue to rake in cash. They’ve managed to find the hack that would ensure a constant stream of income even if the operation was uncovered (as it happened). The casinos and slot machine manufacturers had to choose between lesser of two evils. The only thing that can be done is for the casino security to stay alert at all times and keep track of any unusual patterns.
But, with so many casinos out there featuring Aristocrat and certain Novomatic slot machines (which were also hacked), the St. Petersburg organization will always have a new, unsuspecting target.