As the old saying has it...
... if you sit down at a poker table and you can't tell who is the sucker, it's you!
Spyware is targeting users of the Full Tilt Poker and PokerStars online games – and it is said to allow cheats to get a sneaky advantage over honest players. The malware, named Odlanor, first checks if PokerStars or Full Tilt Poker is running before taking screenshots of the infected player’s virtual poker hand and their …
As much as I enjoy the game I have always been wary of online.
As it is essentially a game heavily reliant on multiple sources of information relating to your opponents, online play cuts this information stream down, increases the variables and therefore the luck element.
This creates a market for the support programs mentioned to compensate, resulting in an attack vector external to the game to really gain an edge....
You are saying having less information (physical tell) on your opponent actually increases the luck (probability) element. Probability is constant, there are always 52 cards in the deck, the odds of hitting your card will never change.
I would argue you actually have more information at your fingertips playing online. Hand tracking programs will allow me to save and analyse 000,000's of hands on my opponent, my stupid human brain would never remember all of that playing live. With all of this data I can find interesting patterns in your betting that I would never get live.
OK, I can see why you see it like that. I actually meant the proportion of the decision attributed to luck would be more given less supporting information; however, these decisions are very soft, there are no hard and fast rules.
I don't doubt the online tools appear useful, they would need to if the goal of the developer is to introduce a trojan as per the article subject.
Regarding hand tracking programs though, I genuinely don't see the advantage. I personally don't play the same two hole cards the same way with any consistency. Not to labour the point but it depends on the information. In a live game that is all received in the first person, there is no intermediary and least risk of modification.
NirSoft's utilities are very useful, I use them regularly. It's disconcerting to see WebBrowserPassView used in this way.
As it is, many antivirus programs already over-target these utilities, thus often overly frightened users do not use them for this reason. The most targeted utility of these antivirus programs is the combiner/launcher NirLauncher.
It seems to me that antivirus software writers could be more responsible by explaining the issues of this type of utility rather than deliberately nuking them. For example, upon detection, AV software could, say, offer the user a sandbox-like function until he/she wishes to use them–and only free them upon a specific request/input from the user.
Incidentally, I have an obvious way to stop AV software nuking or attempting to nuke perfectly good utilities that may have escaped some of you. I encrypt my utilities directory from the context menu using Axantum Software's AxCrypt but any equivalent would do. By keeping susceptible utilities encrypted AV software just passes over them. When I need to use them, I simply disengage the AV software's real-time/resident mode.
Rare? You must be kidding. This kind of poker spyware has been around for years, I've lost count of the number of PCs belonging to poker players that I've had to sanitise. Keyloggers, remote viewing apps, backdoors... the list is endless.
The problem is, the kind of people who play online poker (or gamble) online are all clueless idiots with no tech knowledge, do everything at a rush, and click on anything and everything they see without consideration.
However despite that, it's my firm belief that many of the online poker applications are - or at least were in the past - actually trojaned at point of manufacture to enable the game organisers to ensure an advantage. I'm convinced the games are rigged at point of installation.
NSO Group told European lawmakers this week that "under 50" customers use its notorious Pegasus spyware, though these customers include "more than five" European Union member states.
The surveillance-ware maker's General Counsel Chaim Gelfand refused to answer specific questions about the company's customers during a European Parliament committee meeting on Thursday.
Instead, he frequently repeated the company line that NSO exclusively sells its spyware to government agencies — not private companies or individuals — and only "for the purpose of preventing and investigating terrorism and other serious crimes."
Spyware developed by Italian firm RCS Labs was used to target cellphones in Italy and Kazakhstan — in some cases with an assist from the victims' cellular network providers, according to Google's Threat Analysis Group (TAG).
RCS Labs customers include law-enforcement agencies worldwide, according to the vendor's website. It's one of more than 30 outfits Google researchers are tracking that sell exploits or surveillance capabilities to government-backed groups. And we're told this particular spyware runs on both iOS and Android phones.
We understand this particular campaign of espionage involving RCS's spyware was documented last week by Lookout, which dubbed the toolkit "Hermit." We're told it is potentially capable of spying on the victims' chat apps, camera and microphone, contacts book and calendars, browser, and clipboard, and beam that info back to base. It's said that Italian authorities have used this tool in tackling corruption cases, and the Kazakh government has had its hands on it, too.
The criminals behind the Emotet botnet – which rose to fame as a banking trojan before evolving into spamming and malware delivery – are now using it to target credit card information stored in the Chrome web browser.
Once the data – including the user's name, the card's numbers and expiration information – is exfiltrated, the malware will send it to command-and-control (C2) servers that are different than the one that the card stealer module uses, according to researchers with cybersecurity vendor Proofpoint's Threat Insight team.
The new card information module is the latest illustration of Emotet's Lazarus-like return. It's been more than a year since Europol and law enforcement from countries including the United States, the UK and Ukraine tore down the Emotet actors' infrastructure in January 2021 and – they hoped – put the malware threat to rest.
Windows and Linux systems are coming under attack by new variants of the HelloXD ransomware that include stronger encryption, improved obfuscation and an additional payload that enables threat groups to modify compromised systems, exfiltrate files and execute commands.
The new capabilities make the ransomware, first detected in November 2021, and the developer behind it even more dangerous, according to researchers with Palo Alto Networks' Unit 42 threat intelligence group. Unit 42 said the HelloXD ransomware family is in its initial stages but it's working to track down the author.
"While the ransomware functionality is nothing new, during our research, following the lines, we found out the ransomware is most likely developed by a threat actor named x4k," the researchers wrote in a blog post.
Microsoft is extending the Defender brand with a version aimed at families and individuals.
"Defender" has been the company's name of choice for its anti-malware platform for years. Microsoft Defender for individuals, available for Microsoft 365 Personal and Family subscribers, is a cross-platform application, encompassing macOS, iOS, and Android devices and extending "the protection already built into Windows Security beyond your PC."
The system comprises a dashboard showing the status of linked devices as well as alerts and suggestions.
Intezer security researcher Joakim Kennedy and the BlackBerry Threat Research and Intelligence Team have analyzed an unusual piece of Linux malware they say is unlike most seen before - it isn't a standalone executable file.
Dubbed Symbiote, the badware instead hijacks the environment variable (LD_PRELOAD) the dynamic linker uses to load a shared object library and soon infects every single running process.
The Intezer/BlackBerry team discovered Symbiote in November 2021, and said it appeared to have been written to target financial institutions in Latin America. Analysis of the Symbiote malware and its behavior suggest it may have been developed in Brazil.
If claims hold true, AMD has been targeted by the extortion group RansomHouse, which says it is sitting on a trove of data stolen from the processor designer following an alleged security breach earlier this year.
RansomHouse says it obtained the files from an intrusion into AMD's network on January 5, 2022, and that this isn't material from a previous leak of its intellectual property.
This relatively new crew also says it doesn't breach the security of systems itself, nor develop or use ransomware. Instead, it acts as a "mediator" between attackers and victims to ensure payment is made for purloined data.
Europol cops have arrested nine suspected members of a cybercrime ring involved in phishing, internet scams, and money laundering.
The alleged crooks are believed to have stolen "several million euros" from at least "dozens of Belgian victims," according to that nation's police, which, along with the Dutch, supported the cross-border operation.
On Tuesday, after searching 24 houses in the Netherlands, officers cuffed eight men between the ages of 25 and 36 from Amsterdam, Almere, Rotterdam, and Spijkenisse, and a 25-year-old woman from Deventer. We're told the cops seized, among other things, a firearm, designer clothing, expensive watches, and tens of thousands of euros.
RSA Conference: An ambitious project spearheaded by the World Economic Forum (WEF) is working to develop a map of the cybercrime ecosystem using open source information.
The Atlas initiative, whose contributors include Fortinet and Microsoft and other private-sector firms, involves mapping the relationships between criminal groups and their infrastructure with the end goal of helping both industry and the public sector — law enforcement and government agencies — disrupt these nefarious ecosystems.
This kind of visibility into the connections between the gang members can help security researchers identify vulnerabilities in the criminals' supply chain to develop better mitigation strategies and security controls for their customers.
America's Federal Trade Commission has sued Walmart, claiming it turned a blind eye to fraudsters using its money transfer services to con folks out of "hundreds of millions of dollars."
In a lawsuit [PDF] filed Tuesday, the regulator claimed the superstore giant is "well aware" of telemarketing fraudsters and other scammers convincing victims to part with their hard-earned cash via its services, with the money being funneled to domestic and international crime rings.
Walmart is accused of allowing these fraudulent money transfers to continue, failing to warn people to be on their guard, and failing to adopt policies and train employees on how to prevent these types of hustles.