05:38 PM

Online Poker Site Dealing Trojan

The Trojan was protected by a rootkit that hid its operation from anti-virus software.

Gamblers have been dealt a bad hand with the discovery of a Trojan and virus-cloaking rootkit on a site dedicated to online poker.

The malware was recently discovered in a rake calculator, known as RBCalc or RBCalc.exe, that was distributed through The site confirmed the malware and said it had removed it from the site.

A third-party developer hired by created the application containing the malicious code. Security vendor F-Secure Corp. said the Trojan runs each time the Rakeback calculator is launched. The purpose of the virus is to collect login information for various online poker Web sites and send them back to the malware author.

In addition, the Trojan was protected by a rootkit that hid its operation and launch point from a computer's registry from anti-virus software. F-Secure sent a copy of the malware to May 11, and the application was removed from the site the next day. It was not known how many visitors had installed the software on their computers.

In announcing the discovery Thursday, gave instructions on how to remove the Trojan and rootkit, and advised people whose machine were infected to change all their poker site passwords.

The site also said that development of executable software would be developed in-house from now on to ensure safety.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.