
CalamityJane
Premium Member
join:2002-08-27
Eustis, FL

1 recommendation

CalamityJane

Premium Member

Poker gamers targeted by a rootkit backdoor

Heads up, online poker fans. This is courtesy of fellow MS MVP dvk01, as he has found some of these in the wild since May 5, so it's out there.
quote:
This press release comes from F-Secure. For more information on F-Secure's
mailing list policy, see end of message.

PRESS RELEASE

For release May 16, 2006

Poker gamers targeted by a rootkit backdoor

An online poker backdoor, covertly storing gamblers' information for
potential theft, has been uncovered by F-Secure rootkit detection technology,
Blacklight. Rootkits are used by malware authors to hide malicious
software. The online tool RBCalc.exe, also known as a Rakeback calculator,
has been distributed from a gaming site Checkraised.com.

The backdoor, a method for securing illegal remote access to a computer, was
created by silently dropping four executable files into the user's computer
and using a rootkit driver to conceal the operation. With this in place, the
tool's author could access login information from the user's computer for
various online poker websites including Partypoker, Empirepoker,
Eurobetpoker and Pokernow. Having gained access, the hacker could then play
poker against himself, losing on purpose and reaping the rewards.

Shortly after the discovery, Checkraised.com removed the offending exe file
from its website and issued an official statement on its website advising
users to change their poker site passwords as well as offering instructions
for manually removing the malware.

Speaking about the case, Kimmo Kasslin, a researcher at F-Secure's Data
Security Laboratory said: "Following the exponential rise of interest in
online poker, it is inevitable that malware authors would follow suit with
programs to separate players from their money. What is significant is the
fact that this particular scam was hosted, albeit unwittingly, on a
legitimate site and used rootkit technology to cloak itself. Without our
unique Blacklight technology to detect it, many online gamblers could have
become victims of this exploit."

Kasslin continued: "Malware authors are increasingly wise to standard
antivirus and intrusion techniques and are constantly looking for new
exploits. Having standard data security software from the bigger vendors
would not have protected you against this rootkit exploit. F-Secure's
software does."

F-Secure advises those who have downloaded and executed this binary provided
by checkraised.com, to check their systems immediately for possible
infection. A free scan is available from our new F-Secure Online Scanner
Next Generation Beta, which also now has rootkit detection capabilities
through the F-Secure BlackLight engine.

To view the full statement issued by Checkraised.com, go to:
»www.checkraised.com/site ··· calc.php

For a technical description and for a screenshot of the malicious RBCalc
application: »www.f-secure.com/v-descs ··· la.shtml

For F-Secure Internet Security 2006 with Blacklight technology:
»www.f-secure.com/estore/

MrBradTX
join:2001-05-23
Carrollton, TX

MrBradTX

Member

Seems that gambling tends to attract the criminal element in the cyber world as well as the real world.

Link Logger
MVM
join:2001-03-29
Calgary, AB

Link Logger to CalamityJane

MVM

to CalamityJane
Remind me again why I don't play online poker.

Good find and notice for anyone who does play.

Blake

CalamityJane
Premium Member
join:2002-08-27
Eustis, FL

CalamityJane

Premium Member

I see a lot of the poker games installed in the many Hijackthis logs I look at. It's also become a favorite of the younger teens set. Had a parent who found his child had been installing Party Poker behind their back and uninstalling it after playing to hide it. That was on the family PC. I would urge all parents to heads up and make sure you have the kids on Limited User accounts and NOT an admin account.

EGeezer
Premium Member
join:2002-08-04
Midwest

1 recommendation

EGeezer to CalamityJane

Premium Member

to CalamityJane
The people I see playing online poker in our area are a mix of what folks used to call yuppies, the little old ladies who frequent Bingo nights and the retired guys who used to play with their buddies in the garage.

The gambling sites are right up there with the porn, smileys, free music, ringtones, shade tree search sites and lyrics in terms of distributing crapware.
dave
Premium Member
join:2000-05-04
not in ohio

dave to CalamityJane

Premium Member

to CalamityJane
quote:
Having gained access, the hacker could then play poker against himself, losing on purpose and reaping the rewards.
Hey, that's pretty clever.

psicop
More human than human
Premium Member
join:2005-12-21
Australia

psicop to CalamityJane

Premium Member

to CalamityJane
quote:
I would urge all parents to heads up and make sure you have the kids on Limited User accounts and NOT an admin account.
You are too nice!

I would give them a good flog and ban them from using the PC for a week. Children learn best the hard way.

G.
psicop

psicop to MrBradTX

Premium Member

to MrBradTX
quote:
Seems that gambling tends to attract the criminal element in the cyber world as well as the real world.
And much more for sure!

G.

CalamityJane
Premium Member
join:2002-08-27
Eustis, FL

CalamityJane to psicop

Premium Member

to psicop
said by psicop:

You are too nice!

I would give them a good flog and ban them from using the PC for a week. Children learn best the hard way.

G.
Well, my point was to do that as a preventative measure now before there is a problem. Don't wait for one of the kids to download something stupid (or dangerous). Because we know kids can do the darndest things. And sadly, may not think about the risks or even be aware of them. LOL, upon reflection, I guess that can be said for users of any age. But yes, the gambling programs and even the gambling sites are dangerous, because they smell of money and that makes the people who visit them prime targets of fraud or exploit. So those who do use the online gambling need to be extra cautious. It's not for newbies.
dave
Premium Member
join:2000-05-04
not in ohio

dave to CalamityJane

Premium Member

to CalamityJane
I had an IM that suggested I was joking when I said it was a clever attack. Not at all - I really did think it was a pretty good hack.

After all, what you end up with is the problem of distinguishing (a) some guy whose poker account has been hacked into, and (b) some guy who was a lousy poker player and doesn't want to pay his debts.

The fact that online poker has a slightly disreputable reputation only adds to the cover story.

Just because it's a clever method doesn't mean I approve, of course.

Link Logger
MVM
join:2001-03-29
Calgary, AB

Link Logger to CalamityJane

MVM

to CalamityJane
Reality of the matter is, you don't need a rootkit to fleece someone with online poker. If you're the mark and everyone else at the table is sharing information as to what cards they have and they are running odds generation software based on the shared knowledge, odds are pretty good you're going to lose your money.

Frankly I often have a hard time determining which is lower on the scum meter, porn or gambling.

Blake

AB57
Premium Member
join:2006-04-04
equatorial

AB57 to EGeezer

Premium Member

to EGeezer
said by EGeezer:

The gambling sites are right up there with the porn, smileys, free music, ringtones, shade tree search sites and lyrics in terms of distributing crapware.
Truer words never spoken! No doubt there are a couple of legit sites out there somewhere, but why bother-- the risks of infection are just too great. I can't figure out how that Golden Palace Casino stays in business. Gambling is a secondary operation with them, lagging far behind the distribution of malware (not to mention the tattooing of boxers and the purchasing of Iconic grilled-cheese sandwiches!) Not only that, but the thrill of physically sitting at a poker table, facing actual human opponents, with beautiful women catering to my libationary needs, can never (to me anyway) be duplicated in front of a computer!
AB57

AB57 to Link Logger

Premium Member

to Link Logger
said by Link Logger:

Frankly I often have a hard time determining which is lower on the scum meter, porn or gambling.
That would be gambling. I'm personally unaware of any malware-free gambling sites, but I can steer you towards plenty of safe hot babe sites if you'd like!

Rogue Wolf
An Easy Draw of a Sad Few
join:2003-08-12
Troy, NY

Rogue Wolf to CalamityJane

Member

to CalamityJane
said by CalamityJane:

I would urge all parents to heads up and make sure you have the kids on Limited User accounts and NOT an admin account.
I'll tell you what... if I found out that my child was A) gambling online and B) had gotten my computer "owned" through it, the next computer they would be touching would be the one they buy for THEIR own place!

Seriously, between the stacked odds, the cheating and the criminal element looking to empty your wallet however they can, I have to ask- is gambling (online OR off) even worth it?
cubs4eva
Premium Member
join:2004-04-29
Aurora, IL

cubs4eva to CalamityJane

Premium Member

to CalamityJane
I play online poker on ESPN.com and never have any problems, although I admit to being a bit oblivious to malware or whatever it is. ESPN poker is free so not really gambling, and if you win enough games you can receive prizes.

ZZZZZZZ
Premium Member
join:2001-05-27
PARADISE

ZZZZZZZ to CalamityJane

Premium Member

to CalamityJane
I've been playing with Pokerstars software and online @ Pokeroom for months and both are safe with nothing going on in the background!

Both are owned by Mohawk technologies!

AB57
Premium Member
join:2006-04-04
equatorial

AB57 to cubs4eva

Premium Member

to cubs4eva
said by cubs4eva:

I play online poker on ESPN.com and never have any problems although I admit to being a bit oblivious to malware or whatever it is . . .
ESPN may well be a safe site. Certainly high-profile. But you'd better stop being "oblivious to malware", or you'll wake up one morning with no money left in your bank account, somebody else holding the mortgage on your home, or massive credit-card expenditures that you don't remember making!
If you own a computer, you owe it to yourself & to others to become part of the solution, not part of the problem!