Warning: Affiliate Account Hacker Update
A Vietnam-based man by the name of Ly Duc Trong has succeeded in scamming multiple affiliates out of earnings by hacking into affiliate accounts. Before falling victim to he or another hacker, here is what affiliates need to understand about his methods and steps they can take to secure themselves from losing earnings to scammers.
Ly Duc Trong Hacker Method
Ly Duc Trong has been stealing from affiliates by accessing their affiliate accounts and changing their payment details in order to have payments sent to him. “bb1web” on the Gaming Portal Webmasters Association forums notes that the hacker appears to only target accounts with small balances in an effort to go unnoticed.
The hacker has changed payment details to his address in Vietnam in order to request cashouts to be sent to his various e-wallet services. Most commonly, he has used WebMoney as he gets paid instantly and they do not ask to verify a name. Other methods used to receive payments incLyde player account transfers, Neteller, bank transfer, and PaySpark.
Details of the payment information he has been using can be seen in the image below.
It remains unclear precisely how Ly Duc Trong is able to access so many affiliate accounts. One CAP affiliate suggested to us in an interview that the hacker could be a former affiliate manager.
Hackers have also been known to socially engineer their way into receiving secure data. They do this by pretending to be someone inside the company who should be able to access the info and then making someone else within the company provide it to them.
It may also be possible that Ly Duc Trong is simply penetrating affiliate systems through conventional hacking methods and acquiring user password data. This possibility is somewhat unlikely however as affiliate programs would probably discover these flaws quickly and fix them immediately.
In an instant messenger conversation with an anonymous affiliate, “bb1web” ascertained that the hacker has created Yahoo! email accounts using the same username as affiliate accounts and then emailed affiliate managers inquiring about payment. This information gives weight to the theory that Ly Duc Trong is socially engineering his way into affiliate systems.
“bb1web” also notes that the PaySpark account being used to receive payments by the hacker is likely four years old which suggests he has possibly been hacking affiliate accounts undetected for years.