Security Firm Warns On Internet Poker Malware

Beware of Odlanor

US and European mainstream media are carrying reports on a malware scam that appears to target the largest online poker sites Pokerstars and Full Tilt.
The scam was spotted by San Diego-based security company Eset, where specialists advise that it impacts players with accounts at the two major poker providers.
The spyware has been dubbed Win32/Spy.Odlanor, and reportedly allows cybercriminals to view users' cards on the online poker sites, making it possible to cheat players with infected computers.
The Silicon Republic reports that the malware masquerades as benign installers for various programs, such as Daemon Tools or mTorrent. In some cases security specialists found that the spyware was loaded onto the victim's system through poker-related programs such as Tournament Shark, Poker Calculator Pro, Smart Buddy, Poker Office, and others.
Once installed, the Odlanor malware is used to create screenshots of the players' action, which are then sent to the attacker's computer, revealing the hands and player ID of the victim. The operators allow players to search for specific IDs, inadvertently making the attacker's job easier.
Eset says it is unsure whether the perpetrator then plays the games manually or in some remotely automated way, but as of September 16 researchers have confirmed that 'several hundred' users' computers have been infected.
'We have observed several versions of the malware in the wild, the earliest ones from March 2015,' said Robert Lipovsky, Senior Malware Researcher at Eset. "According to Eset LiveGrid telemetry, the largest number of detections comes from Eastern European countries – several of the victims were located in the Czech Republic, Poland and Hungary."
Eset says that what is a growing cause for concern is that newer versions of the malware have general-purpose data-stealing functionality added.
These are running a version of NirSoft WebBrowserPassView, embedded in the Oldanor trojan. The company detected the tool (Win32/PSWTool.WebBrowserPassView.B), which it said is a legitimate, "albeit potentially unsafe application, capable of extracting passwords from various web browsers".

Online Casino News Courtesy of Infopowa

About the Author... Total Posts Written: 9,449
Casinomeister

Casinomeister

The man with the plan here at Casinomeister. Bryan Bailey has been running Casinomeister since its launch in June of 1998. He has watched the industry grow from its primeval stage to what it is now. The Meister has attended nearly 100 conferences in the past 20 years and has either been a speaker or a panel moderator for at least 60 events. He has always been an advocate of fairness and reason and is known to like German beer, a good Scotch, and astrophography.
bryan@casinomeister.com

See More Posts