Malware enables cheating at online poker

Trojan targets victims using PokerStars, Full Tilt Poker client software

Poker dogs
Credit: Pixabay

Online poker malware lets players cheat by getting a peek at cards held by opponents whose machines have been infected.

The Trojan, called Win32/Spy.Odlanor, is typically downloaded by victims because it is disguised as installers or resources such as poker databases and poker calculators, according to the ESET WeLiveSecurity blog.

“In other cases, it was loaded onto the victim’s system through various poker-related programs … such as Tournament Shark, Poker Calculator Pro, Smart Buddy, Poker Office, and others,” the blog says.

Once installed it grabs screenshots of the PokerStars and Full Tilt Poker clients, letting the attackers see what cards the victim holds. In order to carry out the scam, the cheaters have to find and join the table at which the infected machine is playing.

To do that, the attacker checks out a screenshot to obtain the victim’s user ID for the poker site, which helps the attacker find the right table, the blog says. “We are unsure whether the perpetrator plays the games manually or in some automated way,” it says. Regardless, the cheater still has to have the better hand to win.

Creators of the Trojan have upgraded it over time by embedding generalized data-stealing functionality with a version of NirSoft WebBrowserPassView, a legitimate application that is capable of pulling passwords from browsers.

Most of the victims are in Eastern Europe, ESET says.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.