21 May 2006 | 7,724 views

What Next? The Poker Rootkit of Course!

Check For Vulnerabilities with Acunetix

Ok so the list gets even BIGGER, after the WoW Trojan, Trojan for World Cup Fans, Ransomeware and the buy a spyware kit story

Now we proudly present, the Poker Rootkit!

For online poker players, this was always going to be a losing hand.

A Trojan with malicious rootkit features hidden in a legitimate software package distributed by online gaming tools vendor Check Raised has the ability to hijack log-in information for multiple online poker Web sites, according to a warning from Finnish security vendor F-Secure.

The spying Trojan, identified as Backdoor.Win32.Small.la, was built into a Rakeback calculator application (RBCalc.exe) distributed by Check Raised to help online poker players keep track of scaled commission fees taken by the Web site operator.

Pretty clever stuff.

When the spying component is initialized, it starts a keystroke logger and connects to a remote server that is programmed to send instructions to the infected machines. The instructions range from the downloading of executable files, the uploading of stolen information, the shutdown of the Trojan and the ability to send application screenshots.

The backdoor also sends out sensitive information to remote servers, including keylogger database, computer name, and the username and password of several online poker programs.

What I thought was really clever was the way in which the application took money from users, it’s not direct, it’s very smart in fact!

An anti-virus company says the rootkit is particularly malicious because the hacker could take a victim’s money without making it look stolen — by using the passwords to log on to a poker site, then playing very badly against players controlled by the hacker. The victims are then left with little recourse, since it looks like they just lost their money during normal play.

Smart stuff.

Source: eWeek



Recent in Malware:
- Windows Registry Infecting Malware Has NO Files
- FakeNet – Windows Network Simulation Tool For Malware Analysis
- Microsoft’s Anti-Malware Action Cripples Dynamic DNS Service No-IP

Related Posts:
- Sophos Offers Free Rootkit Detection Tool/Software
- Azazel – Userland Anti-debugging & Anti-detection Rootkit
- US considers banning DRM rootkits – Sony BMG

Most Read in Malware:
- Nasty Trojan Zeus Evades Antivirus Software - 77,294 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,444 views
- US considers banning DRM rootkits – Sony BMG - 44,926 views

Low-cost VPS Hosting

Comments are closed.