Slashdot Mirror

← Back to Stories (view on slashdot.org)

What's In Your Hand? This Malware Knows

Posted by timothy on from the know-when-to-pull-the-plug-know-when-to-scan dept.

An anonymous reader writes with the story that ESET researchers have uncovered spyware targeting online poker players, called Odlanor, which works by sending screenshots of a player's game (along with that player's in-game identity) to the attacker; the attacker can then search for the player with that ID, and enjoy an unfair advantage. (Also at The Inquirer.) From the ESET report: In newer versions of the malware, general-purpose data-stealing functionality was added by running a version of NirSoft WebBrowserPassView, embedded in the Oldanor trojan. This tool, detected by ESET as Win32/PSWTool.WebBrowserPassView.B, is a legitimate, albeit potentially unsafe application, capable of extracting passwords from various web browsers. ... The trojan communicates with its C&C, the address of which is hardcoded in the binary, via HTTP. Part of the exfiltrated information, such as the malware version and information identifying the computer, are sent in the URL parameters. The rest of the collected information, including an archive with any screenshots or stolen passwords, is sent in the POST request data.

5 of 68 comments (clear)

  1. Sounds like an opportuntity to fleece the scammers by jandrese · · Score: 4, Insightful

    Unencrypted HTTP back channel? I would be tempted to leave this running and wait for someone to try to use it, then at a crucial times (on a big bet) change what is being sent back to them to make my hand look weaker than it is. Then you tell your AV to nuke it and change your passwords.

    --

    I read the internet for the articles.
  2. Great news by frovingslosh · · Score: 2

    This is great news. I hated only being cheated by the site operators.

    --
    I'm an American. I love this country and the freedoms that we used to have.
  3. Bottom feeders by sysrammer · · Score: 2

    Even without this, it's way too easy to cheat online. From simple collusion between multiple players, to bottom-feeders that spend all their time collecting a few bucks playing several nickle-ante games at once, it all adds up.

    On the internet, there is no such thing as a friendly game of cards.

    --
    His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
  4. Re:Simple solution by JustAnotherOldGuy · · Score: 2

    Here's a simple solution: Don't play poker online.

    Seriously, I've never understood why ANYONE would trust online gambling. You have no idea what's on the other end, it just seems like the most idiotic way to lose your money imaginable. Just how gullible and trusting do you have to be to gamble online??

    At least at a real casino you can SEE the cards and chips and whatnot, but online? Why not just flush your money down the toilet and cut out the middle-man?

    --
    Just cruising through this digital world at 33 1/3 rpm...
  5. Deceptive headline by bigdavex · · Score: 4, Funny

    I assumed this was about porn.

    --
    -Dave