Telecom and Logistics Associates 

new6.gif (1031 bytes) TLAalert    Security Service 
Translate this page from:  publication: Christian ALT 
  Save Time and Money

TLAnews: Security NEWs Service

 24.6.2000 Security: Hacking slot machines
WMS Gaming of Chicago is suing an Edmonton man for $10 million, alleging that he threatened to publicize a software flaw in its slot machines that allowed players to consistently win large amounts of money.

En français: Pirater des machines à sous
Un consultant en informatique est poursuivi par la société WMS Gaming of Chicago pour avoir diffusé sur Internet le moyen de pirater ses machines à sous. Les pertes sont estiméees à quelques 10$ million.

Home
Consulting
Tech Doc
FW-1 FAQ
Training
Products
TLAnews
Archive
Advertising
 

TLAnews.com
Information for security concerned people

 
Register to TLAnews letter
 

 

 
English version
Zues Yaghi, an Edmonton software consultant, began to post information about the software glitch on the Internet. 

The flaw may easily have cost the slot machine manufacturer $50,000 - to $1 million.gamblers visited three states in the U.S. between December 1999 and February 2000, where they used the flaw to win at gaming.

The flaw involves players doubling their bets on an electronic poker game in conjunction with several other commands.He was doing what what he called "field intrusion testing," a technique he described as probing functions on a machine for weaknesses.

His problems began when Yaghi offered his services to WMS Gaming as a consultant for $250,000. WMS counter-offered with about $50,000. The counter-offer enraged Yaghi, according to Edmonton lawyer Mark Lesniak, who has been retained by WMS Gaming.
Résumé en français
Zues Yaghi, un consultant en informatique de Edmonton a posté de l'information sur Internet une méthode pour exploiter les faiblesses d'un type de machines à sous.

L'exploit a été réalisé sur un poker électronique. Il a dit qu'il effectuait un "test d'intrusion sur le terrain". 

Ces problèmes ont commencés lorsqu'il a voulu monneyer sa découverte. L'entreprise lui proposait la somme de $50000, alors qu'il en exigeait $200000, c'est ce qui l'a enragé et c onduit à diffuser l'information sur Internet.

Yaghi dit ne pas avoir lui-même utilisé cette vulnérabilité sur les machines.

 

 

 

Yaghi began describing the glitch on Internet message boards in late February. He wrote that he was "amazed to discover a huge open door in the programming of these slot machines. I can literally empty thousands of dollars in minutes from these machines."

Yaghi said in the interview he has not used the technique himself on the slots.

 

Yaghi said tapping on the "draw" button as the last credit registered would get players into what he believed was a so-called Easter egg. Easter eggs are deliberately inserted pieces of code meant to produce a hidden option for users. Normally, Easter eggs are harmless mini-games or puzzles.

   

Author information.
Copyright © [Telecom and Logistics Associates Sàrl]. All rights reserved.
Revised: juin 26, 2000 .

All information provided is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the facts of the particular situation.