At the Lumiere Place Casino in St. Louis, at the beginning of June 2014, accountants noticed something strange among some of their slot machines. All of the machines are programmed with a fixed house edge. Over the long run, there is a certain return to player (RTP) for every machine. For every dollar played on the machine, a certain amount is given back to the player and a few cents are kept for the casino.
On June 2 and 3, however, several slot machines on the Lumiere Place floor gave back much more money than they should have, even though no major jackpots had been hit on those machines during those two days. Since modern slot machines are controlled by carefully constructed computer code that doesn’t deviate from one day to the next, the only possible explanation for the anomaly was cheating.
The casino eventually spotted the man they were looking for after reviewing their security tapes. He didn’t fit the usual profile of a slot machine cheat. He didn’t seem to tamper with the machines in any way, and he didn’t make use of any strange device. He did, however, hold his cell phone up to the screen in an odd way as he played his first spins on the slots that he chose — all of which happened to be made by Australian manufacturer Aristocrat Leisure.
Spin, Win, Repeat
The man would sit and play at his chosen slot like any other player, but holding his phone up close to the screen as he did so. After a few minutes, he would get up and walk away. Then, shortly after, he would return, seemingly deciding to give the machine another chance.
Somehow, that decision to come back and try his luck once more always paid off. Several times he turned as little as $20 into more than $1300. He would then take his winnings and move on to another machine to repeat the whole process over again. All in all, he managed to rack up about $21,000 in winnings over his two-day streak.
The Right Slot At The Right Time
As they watched the tapes, the only thing casino security noticed that seemed strange (other than the cell phone) was that when this man returned to play his chosen machines the second time, he would sit with his hand hovering over the spin button for quite a long time before he’d finally smack it quickly, like a contestant buzzing in to answer on a game show. Most slot players don’t behave this way. They merely spin one after another until they’re done with the game.
He’s Not Alone
On the 9th of June, Lumiere Place shared what they had found with the Missouri Gaming Commission, who issued an alert to other gaming establishments in the state. Several casinos discovered that they’d had their slots cheated in the same way, but not by the same man. There appeared to be a small crew operating. Each casino found recorded evidence of someone holding a cell phone close to the screen of an Aristocrat Mark VI slot machine just before they would enjoy an incredible run of good luck.
Authorities in Missouri were able to identify the Lumiere Place suspect by examining rental car records. He turned out to be Murat Bliev, a 37-year-old Russian. He had already gone back to Russia on June 6th, but the organisation he worked for — based out of St. Petersburg and apparently employing dozens of slot machine cheats who work around the world — quickly sent him back to the U.S, to meet up with another crew. Bliev’s return would prove to be the end of his lucky streak.
Hacking The House Edge On Slots
There has been a surge of slot machine cheats coming from Russia since 2009 when virtually all gambling was made illegal in the country. Trying to recoup some of their investment, thousands of casinos throughout the country began selling off their gaming equipment to whoever would buy it, including slot machines. At least some of those slot machines wound up in the hands of hackers, eager to try their hand at cracking the internal algorithms and finding the keys to sure wins.
Austrian game designer Novomatic also turned out to be particularly vulnerable. Central and eastern European casinos began reporting a highly improbable number of large payouts occurring on the company’s slot machines by early 2011.
Novomatic’s engineers inspected the slots, but couldn’t find any evidence of tampering. The only logical explanation was that someone, somehow, had figured out how to predict the behaviour of their slots. In February 2011, Novomatic sent a notice to their customers that included the following statement, “Through targeted and prolonged observation of the individual game sequences as well as possibly recording individual games, it might be possible to allegedly identify a kind of ‘pattern’ in the game results.” Identifying those patterns in results would take an amazing effort — but it’s not impossible.
The results of any spin on a digital slot machine are controlled by what is known as a pseudorandom number generator. Most often casinos and slot makers simply refer to it as a random number generator, or RNG. The truth is, though, that no number generated by a computer can be truly random. It can be seemingly impossibly difficult to predict what number the computer will pick, but because of the way computers work, it can never be truly random.
A computer’s RNG takes an initial number, known as the random seed, and acts upon it using other naturally changing numbers, like the number of seconds remaining in the current minute, for example. Following the code of whoever programmed the computer, it will make several calculations with varying numbers to generate the pseudorandom result.
A number generated this way is, indeed, extremely difficult to predict, but it gets easier if you have access to the computer and the code that’s being executed. If you know what ingredients are being mixed up in the pot, you can follow the same recipe to arrive at the same result.
Just knowing how a given computer generates its random numbers is not enough to pull off this impressive scam though. The random seeds are going to be different at different times and from one machine to another. In order to get the desired result, the hackers would also need to analyse how the slot is currently playing to find a pattern. This would require time and plenty of computing power. While one might have plenty of time in the casino, bringing along the computing power could pose a problem.
An International Effort
Darrin Hoke, a casino security expert who was working as the director of surveillance at L’Auberge du Lac Casino Resort in Lake Charles, Louisiana, heard about the scam in St. Louis and decided to see just how big the operation really was. He was eventually able to identify about 25 people who were working this scam in casinos all over the world, including California, Romania, and Macau.
By digging through hotel registration records, Hoke also found that two of Bliev’s accomplices from St. Louis had moved on to the Pechanga Resort & Casino in Temecula, California. The California Department of Justice managed to detain one of them, confiscating four cell phones and $6000 in cash.
The cell phones recovered at Pechanga combined with information from the Missouri and European investigations finally gave investigators the answers they were looking for. According to Las Vegas casino security consultant Willy Allison, the Russian players would use their phones to record about 20 to 30 spins on the slots they intended to cheat. The recorded spins would then be uploaded to a technical team in St. Petersburg who would use their knowledge of the slot machine’s RNG along with the recording to determine the current spin pattern. The player would then receive a list of timing markers through a custom app on their phone. The app would make the phone vibrate just a fraction of a second before the optimal time to spin for a win.
The players are not successful with 100% of their timed spins, but they still result in abnormally high payouts. Most of the operatives working this scam will keep winnings to about $1000 per machine to avoid drawing attention to themselves. They can typically pull about $10,000 per day from the slots. A crew of four or more working various casinos could rake in more than $250,000 in a single week.
Coming Back For More
On the second of his last two trips to the U.S. in 2014, Bliev flew into Chicago’s O’Hare Airport and headed to St. Charles, Missouri to meet up with three other men. The four had planned to spend a few days working casinos in Missouri and western Illinois.
On December 10, security personnel at the Hollywood Casino in St. Louis spotted Bliev and it wasn’t long before the four-man crew was arrested. Because they had worked their video slot scam across state lines, they were charged with conspiracy to commit fraud by the federal government.
Three of the men, including Bliev, accepted plea bargain deals and were sentenced to two years in federal prison to be followed by deportation. The fourth is a Florida resident who was granted religious asylum in 2013. He is still awaiting sentencing, reportedly because he continues to cooperate with authorities and is assisting the FBI with ongoing investigations.
Exploring New Horizons
In 2016, authorities in Singapore got a bit more information when they caught and prosecuted another of the St Petersburg organisation’s crews. One Czech member gave up some details of the organisation’s financial structure and operational tactics. He reported that about 90% of the money generated through the scam goes back to St. Petersburg. In addition, the teams have begun putting the cell phones in a shirt pocket behind a piece of mesh so they can record the reels without being so obvious. They may also be streaming those initial spins back to the technical teams via Skype, eliminating the need to walk away from the machine and upload a recording.
The cases in Missouri and Singapore seem to be the only two where the group has been prosecuted, though there have been some reports of individual casinos catching and banning players who seemed to be participating in this scam. More recently, some South American casinos have reported Russian gamblers who seem to have cheated them out of money on older Novomatic slot machines.
In the end, the St Petersburg slot machine hackers will most likely continue to do very well for themselves. The realities for the casinos and their customers don’t leave much room for anything to change. There is no easy fix for the machines that are already out there. The only real solution would be to pull all the games off the casino floors and replace them with something else, which neither the manufacturers nor the casinos are going to do. As long as the games are popular with their regular players, it is, in the long run, still in their best financial interest to leave the slots on their floor and deal with the occasional cheat.