Was this coming from those accounts with random character names making a single bet of .1 (or however much it was if there were more that weren't on the high rollers list)?
Not too sure. Quite possibly.
If I'm thinking along the right lines I think the attack have gone like this:
1. User 'deposits' by sending a payment to an address
2. User bets with that deposits
3. a) If it wins, let the deposit confirm
b) If it loses, attempt a double spend to an alternate address that's owned by the user
4. Rinse and repeat, to win.
Would this be the right idea Stunna?