Russia's slot-machine bans let criminals buy machines on the cheap and reverse-engineer them

In 2009, then-PM Vladimir Putin engineered a Russian ban on slot machines in a bid to starve Georgian mafiyeh of funds, the resulting glut of used slots gave Russia's own criminal gangs cheap testbeds to use in a project to reverse-engineer the machines and discover their weaknesses -- now, Russian gangs roam the world's casinos, racking up careful, enormous scores.

The gangs have discovered predictable patterns in the machines' pseudorandom number-generators. They use streaming cellphone video (shot through a mesh cutaway breast-pocket) to allow analysts in St Petersburg to characterize the machines' patterns, then those analysts send quarter-second-delayed buzzes through the phones back to the field-operatives, telling them when to stop the slots' spin to maximize payouts. The crooks take no more than $1,000 from any machine, and it took a long time for casino operators to figure out why their machines were paying out more than statistics predicted they should (early versions of the scam required operators to hold their phones up to machines while playing them, go off for a while, then return -- a much more obvious hack that allowed for detection).

The FBI have arrested some of the alleged operators, at least one of whom is said to be turning state's evidence, and thus providing the means to unravel the scam. However, slot machine operators have no countermeasures -- apart from surveillance and arrests -- to keep their machines from being gamed this way.

The economic realities of the gaming industry seem to guarantee that the St. Petersburg organization will continue to flourish. The machines have no easy technical fix. As Hoke notes, Aristocrat, Novomatic, and any other manufacturers whose PRNGs have been cracked “would have to pull all the machines out of service and put something else in, and they’re not going to do that.” (In Aristocrat’s statement to WIRED, the company stressed that it has been unable “to identify defects in the targeted games” and that its machines “are built to and approved against rigid regulatory technical standards.”) At the same time, most casinos can’t afford to invest in the newest slot machines, whose PRNGs use encryption to protect mathematical secrets; as long as older, compromised machines are still popular with customers, the smart financial move for casinos is to keep using them and accept the occasional loss to scammers.

Russians Engineer a Brilliant Slot Machine Cheat—And Casinos Have No Fix [Brendan I Koerner/Wired]

(Image: SlotsBoom Casino Slot Videos )