According to We Live Securty, there is a new malware called Win32/Spy.Odlanor that infects computers via installation of poker related utilities and allows the makers of the virus to cheat. Apparently, this new malware has only been found in the wild since March of 2015 and mostly is affecting users in Russia and the Ukraine.
Once the user is infected, the malware will wait for the user to use PokerStars and Full Tilt Poker and send screen captures of the user playing on those sites. This gives the malware maker the ability to see which poker site, username and table the user is playing on. Then the malware maker can join the table and play against the user while being able to see the hole cards.
It’s not clear if a live person has to manually play against the infected user or it is an automated process but it’s likely to be the former. If so, this would require a lot more time for the malware maker and would not scale properly once many users are infected. At this point, it seems that only hundreds of users are infected, which by malware standards is not very many.
The only difference is it’s unlikely that the malware maker would be caught with this technique compared to simply hacking into somebody’s bank account and removing the money.
It’s bad enough that we have to worry about identity theft from hackers on a daily basis, but now we have to worry about cheating online players.