The trouble with most malware is that it’s often completely pointless – little more than electronic vandalism. Sure, your computer can be held to ransom by some Eastern Bloc computer geek (like who pays those), or recruited into a massive global botnet to cause even more chaos – but it’s all kinda vague and desperate.
So it’s quite cool to see something like Odlanor, a clever piece of malware which is designed with a single, very specific goal – to cheat at online poker. Once installed, the virus does just one thing: it reveals the cards of any infected player when he’s playing online poker.
The malware specifically targets only users who access two of the largest online poker sites – PokerStars and Full Tilt Poker. Once they are infected, the attacker will attempt to join the tables where any victims are playing – obviously with a huge advantage, as they can see all of the victim’s cards.
The delivery mechanism seems to be through infected software and downloads across the internet. This is targeted too, though, by infecting poker-related programs such as player databases, poker calculators and odds programs. These are distributed across various torrent sites, with the malware piggybacking on the installers of these applications.
When Odlanor is installed it will sit quietly and watch for windows from either PokerStars or Full Tilt Poker. When these are detected, screenshots are taken and sent to the command server. These screenshots contain both the player’s hand and their player ID, which makes it much easier to find infected players using the search functions.
The malware currently seems to be spreading largely across Eastern European countries, which may be the origin of the virus. Several hundred infected players have been detected in the last few weeks. There is no doubt, though, that it poses a potential threat to any online poker player, and it’s likely the code will be adapted to cover similar sites besides PokerStars and Full Tilt Poker.
So if you’re an online poker player who downloads his apps through torrents, you should be cautious and make sure that your computer is thoroughly virus checked. Any up-to-date, mainstream virus checker should detect Odlanor.
For me it wouldn’t make much difference as I always get hammered when taking part in any online gambling.