The Trojan was protected by a rootkit that hid its operation from anti-virus software.
Gamblers have been dealt a bad hand with the discovery of a Trojan and virus-cloaking rootkit on a site dedicated to online poker.
The malware was recently discovered in a rake calculator, known as RBCalc or RBCalc.exe, that was distributed through CheckRaised.com. The site confirmed the malware and said it had removed it from the site.
A third-party developer hired by CheckRaised.com created the application containing the malicious code. Security vendor F-Secure Corp. said the Trojan runs each time the Rakeback calculator is launched. The purpose of the virus is to collect login information for various online poker Web sites and send them back to the malware author.
In addition, the Trojan was protected by a rootkit that hid its operation and launch point from a computer's registry from anti-virus software. F-Secure sent a copy of the malware to CheckRaised.com May 11, and the application was removed from the site the next day. It was not known how many visitors had installed the software on their computers.
In announcing the discovery Thursday, CheckRaised.com gave instructions on how to remove the Trojan and rootkit, and advised people whose machine were infected to change all their poker site passwords.
The site also said that development of executable software would be developed in-house from now on to ensure safety.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.