A new virus making the rounds on the Internet enables cybercriminals to take screenshots of opponents’ hands on popular poker sites such as PokerStars and Full Tilt. The spyware, which takes screenshots of the infected player’s virtual poker hand, is designed to allow the malware operator to cheat during online games. Like a typical computer trojan, users usually get infected with Win32/Spy.Odlanor unknowingly when downloading some other, useful application from sources different than the official websites of the software authors.
Once executed, the Odlanor malware will be used to create screenshots of the window of the two targeted poker clients – PokerStars or Full Tilt, if the victim is running either of them. The screenshots are then sent to the attacker’s remote computer.
Afterwards, the screenshots can be retrieved by the cheating attacker. They reveal not only the hands of the infected opponent but also the player ID. Both of the targeted poker sites allow searching for players by their player IDs, hence the attacker can easily connect to the tables on which they’re playing.