Saturday, September 19, 2015

Odlanor, the spyware that threatens poker players – Pokernews.com

A new malware called Odlanor is set to become the worst nightmare of online poker players. Online security experts have discovered this malicious software which allows cybercriminals to see the hole cards of the players of PokerStars and Full Tilt.

“From time to time we come across something out of the ordinary, something that does not fit into the category of typical malware that we encounter every day,” revealed Urban Schrott, an expert employed by ESET, a company specializing in the fight against cybercrime. “This time, we discovered a very special Trojan horse designed to target online gamers.”

First detected on April 19, 2015, Win32/Spy.Odlanor is designed specifically to target players of PokerStars and Full Tilt. It lets attackers obtain screenshots that reveal the cards of the players whose computers are infected.

“PokerStars and Full Tilt are aware that the computers of some players were affected by harmful software,” a representative of the two operators told PokerNews, before attempting to reassure: “A historical analysis of the accounts that we suspect of being infected has shown that these players have not lost money because of this illegal practice.”

“In our continued commitment to optimal security, we recommend that players protect themselves against such attacks by having the best security on their computers. Players must download the latest updates, use high-performance anti-virus software and install only programs published by sources with an intact reputation.”

How does Odlanor work?

As explained by ESET, Odlanor is software that is both simple and very malicious.

“Like a classic trojan, users are infected with Win32/Spy.Odlanor unknowingly when they download another program that theoretically has nothing to do with this trojan,” explains ESET. “This software is behind innocuous programs like Daemon Tools or mTorrent.”



Meet ‘Odlanor’ – the online poker nightmare

The ESET blog also mentions poker-specific programs such as Tournament Shark, Poker Calculator Pro, Smart Buddy and Poker Office as capable of installing Odlanor on players' computers.

Once installed, the malware starts taking screenshots of the player's screen and sends them to the malware's operator. What makes the software particularly dangerous for players is that these screenshots let crooks see both the cards and the identity of the targeted players, giving them the opportunity to search PokerStars and Full Tilt for the affected player and then play against him.

According to ESET, Odlanor can do the following:

  • Download files from a remote computer
  • Run files
  • Take screenshots
  • Update itself automatically to a new version
  • Uninstall itself
  • Send the information collected

Statistics in hand, ESET explained that “the majority of detections come from countries of Eastern Europe.” Schrott says: “However, this trojan can reach every online player.”

As shown in the graph below, the majority of infected computers were found in Russia (36%) and Ukraine (35%), followed by Kazakhstan (11%) and Belarus (10%). Schrott said victims were also targeted in the Czech Republic, Poland and Hungary.



How to check for the possible presence of Odlanor on your computer (and remove it)

“We detected Odlanor for the first time on April 19,” an ESET representative revealed to PokerNews. “But later, we found that some computers were affected by a different version of the program (Win32/Spy.Odlanor.A) – we can therefore say that there are two versions of Odlanor in circulation. The good news is that we can detect and remove both.

“From a technical point of view, we recommend that people check their computer to see whether Odlanor is present or not. We have a free scanner available online that everyone can use, which not only detects the malware but also removes it.”

How to check whether Odlanor is present on your computer?

“If you find that your machine is infected, we recommend that you change all passwords stored on your computer,” continues the ESET representative.

Even if PokerStars and Full Tilt do not store passwords locally, ESET says they have reason to believe that “the new version of the malware does more than send screenshots. Therefore we invite you to change all passwords as soon as possible if it is found that the computer was infected with Odlanor.”

This procedure applies only to Windows users; Odlanor is not a threat to Mac OS and Linux. “Odlanor is malicious software that reaches only machines running Windows; Mac OS and Linux users are not at risk here.”

Odlanor was also identified by Avast and Avira.

Russia and Kazakhstan still suspected

The Odlanor threat is not the first to come from players in these two countries. Strong suspicions of bot use on PokerStars already led to a serious investigation last June. The operator acknowledged that players from Russia and Kazakhstan could potentially have used artificial intelligence to win almost 1.5 million at the Pot Limit Omaha tables (stakes $0.5/$1 and $1/$2).

The investigation was revealed on the TwoPlusTwo forum when two regular players at the PLO tables expressed their suspicions and asked PokerStars to launch checks.

The accusations were based on extensive statistical data showing similar betting patterns among the suspected players, in particular preflop squeezes with identical characteristics, performed much more frequently than by regular players at these limits.

The statistical evidence became even more alarming after an in-depth analysis by a TwoPlusTwo member, “Schwein”, which showed the difference between a legitimate player and a player suspected of using artificial intelligence.

The graph below, published by “Schwein”, shows clearly that normal players have differences in values between 600 and 1200, while the suspects fall within only a few dozen points.

For the time being it is not possible to prove a correlation between the use of these bots in Omaha and the Odlanor malware, but ESET does not exclude this possibility, especially as Schrott acknowledges: “We do not know yet whether Odlanor users play manually or use computer programs.”

More information is available on SiliconeRepublic.
