PokerStars players conned by hackers that spy on their hands before betting against them

ers have conned online poker players out of their money by infecting computers with a virus that allows them to spy on players’ cards, according to a malware researcher.

Robert Lipovsky, a senior researcher at Bratislava-based firm Eset, said hackers are contaminating players’ computers with malware, spying on their hands and then betting against them on sites including PokerStars.

The spyware is called Win32/Spy.Odlanor and players have unknowingly been infected by it while downloading apps or software.

Lipovsky found that hundreds have already been duped by the hackers, mainly in Eastern Europe, but warned that all online players were under threat.

He said: “This malware masquerades as benign installers for various general purpose programs, such as Daemon Tools or mTorrent. In other cases, it was loaded onto the victim’s system through various poker-related programs – poker player databases, poker calculators, and so on, such as Tournament Shark, Poker Calculator Pro, Smart Buddy, Poker Office and others.

“Once executed, the Odlanor malware will be used to create screenshots of the window of the two targeted poker clients – PokerStars or Full Tilt Poker, if the victim is running either of them. The screenshots are then sent to the attacker’s remote computer.

“Afterwards, the screenshots can be retrieved by the cheating attacker. They reveal not only the hands of the infected opponent but also the player ID. Both of the targeted poker sites allow searching for players by their player IDs, hence the attacker can easily connect to the tables on which they’re playing.”

Lipovsky added that Eset is unsure whether the criminals are playing the games themselves or using an automated way of conning players.