Maintain your poker face, but a Trojan is reading your cards
Hackers spy on your online poker hand, enter the game, and beat you
Online poker players are being targeted by malware designed to spy on their virtual hand.
The virus, Win32/Spy.Odlanor, shares screenshots of the victim's cards with its creators, who are then able to join the game with a clear view of the target's hand, allowing them to cheat their way to a winning hand.
IT security company ESET found the Trojan in programs meant to help poker fans play better, as well as popular file-sharing applications.
Some versions of the virus are capable of targeting other information on the infected computer, such as passwords.
In a blog post, Robert Lipovsky, a security researcher at ESET, explained the Windows-specific malware has been active for several months.
The software monitors PC activity after infecting a machine, waiting for a victim to log on to Pokerstars or Full Tilt Poker, two of the largest online poker sites.
Once logged on, users' activity along with their dealt cards are monitored and sent to the perpetrator.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
A player's ID can be searched on either site, allowing the attacker to join their table with a significant advantage. It is still unclear if the trojan's operator plays games manually or in an automated manner, said Lipovsky.
ESET found the virus hiding in PC utilities, well-known file-sharing applications, poker calculators, and player databases.
Newer versions of the virus include a general-purpose data-stealing application that is able to extract passwords from web browsers as well. The majority of activity came from Eastern Europe, with a large concentration of victims in Russia and the Ukraine.