Skip to main content

2 posts tagged with "droidvnc"

View All Tags
MissedRemote accessVPNFake GPS appJailbreak / Root★ Pinned

Radar / Wind Creek Casino Online PA: iOS RDP, DroidVNC + Tailscale, and Android VPN undetected (results June 19)

RadarWind Creek Bethlehem
radarwind-creekwind-creek-bethlehempennsylvaniardp

Source. June 23, 2026 weekly sync.
Ticket. CIV-91: Wind Creek Bethlehem PA — environment compliance updates.

What we tested

Full integration testing of Wind Creek Casino Online PA (Radar) across iOS, Android, and browser. Results delivered June 19.

What happened

TestResultDetail
RDP — iOS FaceTime & iPhone Mirroring✗ Non-compliantNot detected. User outside PA (TN) remotely controls an in-state iPhone and places bets. In-state user must log in first; remote user controls the screen from there.
RDP — Android DroidVNC + Tailscale✗ Non-compliantNot detected. Remote user in an excluded state places bets on a PA Android device using DroidVNC and Tailscale together.
VPN — Android (Turbo VPN)✗ Non-compliantNot detected on Android. User logged in, placed bets, and played casino with VPN active.
VPN — iOS✓ CompliantVPN detected at login and mid-session.
RDP — Android (TeamViewer, AnyDesk, HopToDesk)✓ CompliantDetected at login or interval check.
Fake location — Android (FLA)✓ CompliantDetected before and during a gaming session.
Cross-border into exclusion state✓ CompliantUser fails geolocation at or just past the border (~90 m buffer).
Rooted Android + mocked location⚠️ Compliant*User fails for mock location / jurisdiction errors. Root itself not detected, but mocked location is caught. With GPS JoyStick the failure took longer — suggesting IP mismatch or low confidence score rather than direct root detection.

UX issues — new user flow & deposit

Operator-side friction observed during the same test cycle (not Radar detection failures, but worth tracking):

  • Android Galaxy S16 deposit loop: debit card deposit failed and sent the user into a loop — account flagged for Wind Creek approval with no timeline and no clear prompt. User attempted 3 times before abandoning.
  • ID verification false positive: notification asked user to close any app using the camera (triggered by screen recording). User bypassed by restarting the app — screen recording continued undetected.
  • No autofill for address, phone, or email on either platform.
  • Deposit methods limited to PayPal, Venmo, and debit card only.

Why it matters

Three undetected vectors on the same Radar deployment while the "standard toolkit" checks pass — native iOS screen sharing, Android DroidVNC + Tailscale, and Android VPN. The compliant iOS VPN handling directly contrasts with the undetected iOS RDP gap.

Cross-reference

Radar profile → · June 23 weekly sync →

DetectedRemote access

OpenBet / Fanatics NJ: droidVNC-NG RDP immediately blocked, error message names the remote-control app ✓

OpenBetFanatics Sportsbook
openbetfanatics-njdroidvncrdppositive

Source. May 19, 2026 weekly sync.
Ticket. CIV-70: BetFanatics — RDP Testing on Android via DroidVNC.

What we tested

Remote desktop access against the Fanatics New Jersey (OpenBet Locator) deployment, configured as:

  • droidVNC-NG running on the controlled Android device.
  • RealVNC Viewer on the controlling device.
  • Tailscale mesh-VPN linking the two over the public internet.

This is the same kind of setup that bypassed Bet365 NJ (Radar) and RSI BetRivers NJ (XPoint) earlier this week — Tailscale + a VNC tool.

What happened

  • Immediately blocked. The session was refused at the compliance check.
  • Error message named the app. The error explicitly identified droidVNC-NG as the remote-control application in use, rather than surfacing a generic "session blocked" string.

Why it matters

This is the cleanest compliance-UX outcome we recorded this week. Two things matter:

  1. The detection worked. A real RDP-style attack on Android was identified and refused at session start — no bets placed, no prolonged exposure window.
  2. The error message did something useful. Naming the specific remote-control application means:
    • The player knows what to uninstall to get back into compliance.
    • The operator's support team gets a clear signal in the logs.
    • The compliance audit trail is self-documenting.

Contrast with Radar's generic "Account Locked" string on DraftKings DFS NJ this week, which says nothing about what triggered the block or how to recover.

Cross-reference — RDP this week

OpenBet is the only provider with an unambiguous RDP positive this cycle:

OperatorProviderToolResult
Fanatics NJOpenBetdroidVNC-NG✓ Blocked + named (this finding)
Fanatics TNOpenBetFaceTime✓ Blocked
Fanatics TNOpenBetTeamViewerUndetected
Bet365 NJRadarTailscale + RealVNCUndetected
RSI BetRivers NJXPointTailscaleInconsistent
DraftKings DFS NJRadarZoom / AnyDesk / TeamViewerInconsistent

OpenBet's coverage is not uniformly good — TeamViewer slipped past at Fanatics TN — but where it triggers, it triggers cleanly.

OpenBet profile → · May 19 weekly sync →