A scam was recently detected that has affected hundreds of online players on popular gambling sites PokerStars and Full Tilt Poker by allowing malware operators to cheat during online games. The scam was uncovered by malware researchers at the San Diego, California headquarters of IT security company ESET.
Disguised as harmless poker-themed apps and software such as online player lists, calculators and databases; the trojan installs and activates on Windows systems in several ways and allows spyware to take screenshots of player’s virtual poker hands that have been infected by Win32/Spy.Odlanor, the malicious software program, and then sends it to the attacker. Hackers then sign into the same game and use their knowledge of the other players hand and drive up the ante by betting against the opponent.
Researchers at ESET don’t know if the game is played manually or via automation by the perpetrator.
While the virus poses a threat to any online poker player, so far the majority of Odlanor’s victims originate from the Russian Federation and Ukraine which is typical of most malware. However, the malware can be modified to work with other skill games and is spreading worldwide and several victims have been located in Poland, Hungary and the Czech Republic according to ESET.
Robert Lipovsky, Senior Malware Researcher at Eset said, ‘We have observed several versions of the malware in the wild, the earliest ones from March 2015″.
ESET suggests that updated anti-virus software and removal of any files that look suspicious are measures that should be taken by concerned players. Players can also choose to alert the two targeted sites of any behavior they are suspicious of.