Operator Primedice Taken for Over a Million in Bitcoin

01 July 2015

Bitcoingambling

Bitcoin of what we think about when it comes to how currency works and the opportunities that come up when we have anonymous payment methods. A number of online gambling sites like Primedice have found themselves offering deposits and withdrawals in bitcoin as a sort of marketing ploy that's gained some sites a fair amount of attention. However, the anonymous factor, so often touted as a massive advantage, led to Primedice being fleeced for seven figures.

Software Flaws

The story here is basically that a user going by the name Hufflepuff was able to find a software flaw that allowed him to massively influence the outcomes on a dice game. Once this was in hand, Hufflepuff bet a lot of bitcoin and came out as a massive winner with over a million dollars for his or her score. They were monitoring the big winning streak and actually put a hold on the account to investigate. However, that's when things took an even more interesting turn.

Primedice originally found that Hufflepuff was doing nothing wrong, and the account was opened back up. Not to be detoured, Hufflepuff continued the reign of terror on their dice games, cashing out tons of money. They eventually found the software flaw, and they offered Hufflepuff a compromise that was promptly rejected. Instead, Hufflepuff took things to an entirely new level by finding yet another software flaw and taking another few thousand dollars off of Primedice before making off.

The Nature of the Problem

This is the kind of thing that industry experts have been warning sites about since bitcoin started to be talked about as a payment method in the online gambling industry. While they can flaunt the anonymous nature of the cryptocurrency as an advantage, it's also a major problem because it means that the players can take advantage of the site if they find software bugs that can be exploited. A better approach is to allow players to deposit and cash out in bitcoin while holding their actual account balance in US dollars (or some other currency), and this is achieved by converting the cryptocurrency at the time of the transaction. This prevents wild fluctuation of the value of account balances, but it also increases security for the site itself.