Poker Players Targeted By Card-Watching Malware

Malware Target Popular Online Poker Sites

Malware researchers at security firm ESET have come across a new Trojan which has been designed to cheat online poker by a sneak quick look at the cards of infected opponents. According to ESET’s security researcher, Robert Lipovsky, the malware is said to target PokerStars and Full Tilt which are two of the most popular online poker sites.

He has mentioned in his recent blog post that the attackers operate in a simple manner and after the victim has been affected successfully with the Trojan, the culprit then attempt to join the table where the victim tends to be playing with an unfair advantage by getting to know about the cards in their hands.

Malware, Win32/Spy.Odlanor, covers up as a benevolent installer for several general purpose programs like Daemon Tools or mTorrent. Lipovsky has mentioned that people tend to get infected while downloading some other useful application from some unofficial source.

In some instances, it tends to get loaded on to the user’s systems through several poker related programs which comprises of poker player databases as well as poker calculators like Tournament Shark, Smart Buddy, Poker Calculator Pro, Poker Office and much more.

Prowls in Software Created For Better Performance

The tricky malware has been discovered prowling in software created to support poker fans with better performance according to a security firm which discovered it. The software is also said to target other valuable information on a user’s computer like login names as well as passwords.

When a system is infected, the software observes the activity of the PC and operates when a victim has logged in to any of the two poker sites. Thereafter it begins taking screenshots of their activity and the cards they tend to deal with and send the screenshots to the culprits.

Lipovsky mentioned that later on the screenshots can be retrieved by the cheating culprits which reveal not only the hands of the infected opponent but the player ID as well.This according to ESET enables the criminals to search the sites for that play and join in their game. Both the targeted poker sites permit searching for players by their player ID and so the culprit can connect with ease at the table on which they tend to be playing.

Largest Detection of Spywares – Eastern European Countries

With the information gathered with regards to the victim’s hand, it provides significant advantage to the criminal. Lipovsky writes that he is not sure if the attacker tends to play the games manually or in some automated way.ESET have discovered that the Windows malware seem to be prowling in some of the well-known file-sharing applications, PC utilities and many other widely used poker calculators and player databases.

Lipovsky writes that the largest number of detection of spyware has been active for several months where most of the victims were from Eastern European countries. However, the Trojan tends to be a potential threat to any online poker player.

 Most of the victims were from the Czech Republic, Poland and Hungary. ESET had stated that they had discovered various versions of this malware dating back to March 2015. To make matters worse, new versions also tend to contain `general purpose data stealing functions’ with the abilities of siphoning passwords from several web browsers. As of September 16, several hundred users have been infected with Win32/Spy.Odlanor.