1
Overview
The following information was obtained directly from a Drat agent (distributor) upon onboarding into their VIP / Major Client version.
The agent provides new users with a complete operational playbook specifically designed to evade our platform's anti-cheating detection systems. This document consolidates all disclosed evasion methods, organizational structure, and business model intelligence.
This represents a commercialized cheating operation with tiered distribution, deposit systems, and performance-based reporting — not a hobbyist tool.
2
System Architecture (Agent-Disclosed)
| Component | Description | Indicator |
|---|---|---|
| Device | Pre-configured or user-configured device with Drat software installed | Hardware |
| "Pilot" | Background process that initializes the AI engine | "Pilot started successfully" |
| AI Engine | Real-time hand analysis and betting recommendations | "AI connected successfully" |
| WPK Client | Standard WPK poker client; AI overlays betting prompts on top | Front-end |
| Agent Backend | Agent receives account sheets, performs remote configuration | Remote Config |
Connection Flow
1. Device setup & clear messages
2. Register WPK account & fill form
3. Send account sheet to agent
4. Agent configures remotely
5. User fills device message settings
6. Launch WPK → "Pilot started successfully"
7. Enter poker room → "AI connected successfully"
8. AI provides real-time betting prompts
3
Anti-Detection Evasion Protocols
All protocols below are directly instructed by the Drat agent to VIP users upon onboarding.
3.1 Account Management
| Rule | Detail | Inferred Purpose |
|---|---|---|
| Unique passwords | Passwords must not be the same or similar across accounts | Avoid pattern-based account linking |
| 10-min registration gap | Each account registration spaced at least 10 minutes apart | Avoid IP/device fingerprint clustering |
| Sequential device registration | Register one account, then move to next device — never simultaneously | Prevent device fingerprint correlation |
| 600-hand rotation | Replace account after reaching 600 hands played | Stay below statistical anomaly detection thresholds |
| Device rotation | Replace device along with the account | Avoid device-to-account linking after rotation |
3.2 Session Behavior Controls
| Rule | Detail | Inferred Purpose |
|---|---|---|
| 6-hour daily cap | Account online time must not exceed 6 hours per day | Avoid abnormal session duration flags |
| Mandatory breaks | 30–60 min break required every 2 continuous hours | Mimic natural human session patterns |
| End-of-day Career check | All accounts must check "Career" stats after each session | Verify AI performance / avoid data sync issues |
3.3 In-Game Behavioral Mimicry
| Behavior | Instruction | Inferred Purpose |
|---|---|---|
| Avatar clicking | Click player avatars and view their data | Simulate normal player curiosity |
| Chat activity | Chat frequently with other players | Generate human-like social signals |
| Emoji usage | Send emojis occasionally | Create natural social interaction patterns |
| Artificial thinking time | Add extra delay before placing AI-prompted bets | Defeat bet-timing analysis (constant response = bot flag) |
| Variable decision speed | Vary the delay per round | Prevent detectable timing patterns |
3.4 Table Navigation Protocol
| Rule | Detail | Inferred Purpose |
|---|---|---|
| Mandatory path | Enter tables via Career → Friends Table only | Likely generates different API calls vs. standard table join |
| Pull-to-refresh banned | Never use pull-down refresh to find tables | Pull-to-refresh may trigger a different endpoint or log entry that flags automation |
4
Organizational Structure
Drat Company (Developer)
Develops AI engine, manages
"cyclical ban rate" strategy
"cyclical ban rate" strategy
▼
Agents (Distributors)
Distribute VIP version, configure devices,
collect deposits, verify game reports
collect deposits, verify game reports
▼
End Users (Operators)
Operate accounts, follow evasion playbook,
submit proportional game reports
submit proportional game reports
Business Model Details
| Element | Description |
|---|---|
| Deposit System | Users pay a deposit to agents before receiving access |
| Proportional Game Reporting | Users report winnings with evidence — chat logs, club screenshots, table screenshots |
| Verification Layer | Agents audit reports; false reporting results in financial penalties and access revocation |
| VIP/Enterprise Tier | Premium version with presumably better AI and more sophisticated evasion features |
5
Operator's Own Admission on Ban Rates
The Drat operator openly acknowledges that accounts will be banned. This statement was provided to VIP users as part of their onboarding materials:
"The characteristic of our product is 'cyclical ban rates.' We use technical measures to keep accounts from being banned within one cycle. We have successfully completed multiple cycles with good ban rates. Each cycle lasts 15–74 days before bans occur. We do not promise customers specific ban rates, because users who use our version are those who ultimately trust our company."
Key Insight: This admission confirms the tool is detectable — their strategy is to delay detection, not prevent it. They treat account bans as an operational cost and rotate accounts/devices before pattern analysis completes a full cycle.
6
Detection Opportunities Identified
Based on the disclosed evasion protocols, the following detection vectors should be prioritized:
| Signal | What to Look For | Priority |
|---|---|---|
| 600-hand account lifespan | Accounts that consistently go inactive or are abandoned near 600 hands | Critical |
| Account-device rotation | New account on new device appearing shortly after a 600-hand account goes dark | Critical |
| Session patterns | Consistent 2-hour play blocks with 30–60 min gaps, max 6 hours/day | High |
| Registration cadence | Accounts registered 10+ minutes apart from similar IP ranges or device fingerprints | High |
| Table join method | Accounts exclusively joining tables through Career → Friends Table, never using pull-to-refresh | High |
| Betting timing analysis | Artificial variance in bet timing that follows a distribution different from genuine human hesitation | High |
| Behavioral mimicry patterns | Scripted social interactions (avatar clicks, chat, emojis) that follow predictable or periodic patterns | Medium |
| Password structure | Passwords deliberately varied but potentially sharing structural patterns from same generator | Medium |
| Career page access | Consistent end-of-session Career page checks across multiple linked accounts | Medium |
7
Recommended Next Steps
- Set up a secure, isolated testing environment — Procure the VIP version of the tool for controlled analysis
- Capture the "Pilot" process — Analyze network traffic, API calls, and system footprint of the background process
- Profile the AI decision engine — Measure response timing, decision patterns, and accuracy curves to build detection signatures
- Map table-join API differences — Compare Career → Friends Table path vs. pull-to-refresh to understand why they mandate one specific path
- Build detection models — Target the 600-hand lifecycle, session patterns, and behavioral mimicry patterns described above
- Cross-reference existing ban data — Validate the 15–74 day cycle claim against our historical ban records to confirm timeline accuracy
- Hand over technical findings — Deliver signatures and detection rules to the relevant engineering teams for implementation