Online poker players targeted by new scam

A piece of malware created to spy on online poker players’ cards has been discovered by a security research firm.

Odlanor usually infects users that unwisely download and install software outside of recommended sources.

Once the attacker and the victim on the same table, the malware will continue to take periodic screenshots, providing an unfair advantage which can be used to win hands in which the two are competing for.

Eset uncovered the scam on PokerStars and Full Tilt Poker. Today, we’re bringing you one of those uncommon threats – a Trojan devised to target players of online poker. Screenshots are then sent to the attacker. This malware masquerades as benign installers for various general goal programs, such as Daemon Tools or mTorrent.

Members of online gambling sites, PokerStars and Full Tilt Poker, have been targeted by a new malicious spyware program called Odlanor.

ESET researchers could not determine if this malware was used by human attackers, or screenshots were fed to an automated system with OCR (Optical Character Recognition) capabilities. In an infamous case from 2007, Patrik Antonius and Johnny Lodden say they were cleaned out by a player who infected their computers with malware while chatting with them on MSN Messenger.

Lipovsky says in newer version of the malware, general-purpose data-stealing functionality has been added, enabling password extraction from various web browsers.

The trojan communicates with its C&C, the address of which is hardcoded in the binary, via HTTP.

‘According to Eset LiveGrid telemetry, the largest number of detections comes from Eastern European countries [and] several of the victims were located in the Czech Republic, Poland and Hungary.

ESET has detected the malware in the wild since March 2015. Lipovsky found that hundreds have already been duped by the hackers, mainly in Eastern Europe, but warned that all online players were under threat.