Competitive Intelligence โ Weekly Sync
๐ Week 3 โ April 7, 2026 ยท โฑ 30 minutes ยท ๐ฅ Weekly cadence
1 ยท Competitive and Client Testing (Julia) โ Key Findingsโ
- โ Radar VMOS not detected on second attempt โ FD WV regression
Allowed bets from Tennessee on the West Virginia app. Opposite of the Mar 31 positive result. - โ Radar rooted Android (hidden root) not detected at Saracen AR โ confirmed result from FD WV. Re-tested from TN with all root-hiding steps confirmed.
- โ Radar resigned Saracen AR iOS app โ DETECTED โ
App flagged with appropriate error messaging; account not blocked. Contradicts the FD WV result. Follow-up validation scheduled pending the next iOS app release. - โ Radar jailbroken root-hidden iOS not detected โ Sleeper Sports, PrizePicks, Fliff
Three operators, one structural gap โ users with jailbroken devices bypass geolocation controls and wager from prohibited locations.
XPoint โ RSI DE โ Key findings so farโ
- โ Critical security gap โ FaceTime RDP not detected โ MI user wagered on DE iOS
Casino + sportsbook both allowed remote wagers. Confirmed cross-region with AZ โ structural failure. - โ Border performance โ near-border pass/fail inconsistent; erroneous failures even moving away from the boundary. Active session SUSPENDED on DE-MD crossing before any spoofing attempt. Static/mobile toggling friction near MD + DE borders vs GeoComply seamless PA.
- โ macOS install + UX โ requests access to documents folder (known issue). AnyDesk installed (not running) silently blocks betting โ false positive.
- โ Mac CPU โ 1-minute interval spikes from 0.5% โ 16% during poker gameplay.
Additional research โ Leaked keys casesโ
- Anatsa (TeaBot) banking trojan via Google Play, large-scale campaign (77 apps) โ runs on real, certified devices in legitimate sessions; payload delivered later. Mass credential theft + financial fraud across regions.
- GoldFactory campaign (repackaged banking apps) โ attackers modified legitimate banking apps, injected malicious code, redistributed them. Integrity checks can be bypassed/removed in repackaged apps.
- SharkBot banking malware (NCC Group + Cleafy) โ Accessibility abuse for credential theft + unauthorized transactions from victims' devices.
- All integrity checks passed because fraud was performed on real, Play-certified devices within legitimate app sessions.
- Similar story with Xenomorph banking trojan via Google Play apps.
2 ยท Competitive Research (Valeria) โ Key Findingsโ
- โ MITM tests partially completed on Xpoint โ seem to be blocked, thus compliant. Will retest some test cases and test Radar next.
- โ Splash Sports planning to offload Xpoint in June 2026
Multi-state DFS gap โ Xpoint has no Multipass or Dynamic Boundaries equivalent. - โ Bet365 confirmed dual-stack โ XPoint web + Radar mobile
3 ยท End-user Feedback (Valeria) โ Key Findingsโ
๐ Full dataset: Social Media Competitive Signals ยท Reddit + X/Twitter public posts. Monitoring initiated March 2026.
- โ TQJ 'Todos Querem Jogar' switched OpenBet off โ "worked poorly and caused UX issues". Now using IP-only as primary geolocation.
- โ Bet365 (Radar) Android โ 1-star reviews "location verification is trash" โ "Stuck on trying to find the location. Very bad app, likely a scam."
- โ RushStreet (Xpoint) negative Android review โ kicked off during tournaments, lost money
- โ Bet365 web (Xpoint) โ Reddit user asking how to spoof XPoint Verify, two users offered Magisk help
4 ยท What's Next โ Plan for Next Weekโ
Field Testingโ
- Jailbroken root-hidden iOS โ to test on FD WV, Saracen AR, and any client integrated with GeoComply
- Resigned Saracen AR iOS app โ to retest on a new app version (the Engineering team will prepare it this week)
- Fanatics / OpenBet Locator โ validate the integration
- Radar / Saracen AR, XPoint, Radar / Bet365 โ run the Replay Attack testing
Betting Heroโ
- Radar / Saracen AR (web desktop) โ perform full validation of the competitor's app
Integrations teamโ
- Mkodo research to be posted later this week