Sunday, May 21, 2006

More on Poker Rootkit, With Screenshots

I posted about RBCalc.exe yesterday and how it can steal your online poker winnings. There is some more information on the F-Secure blog about it along with some screen shots. In addition to partpoker.com and Empirepoker.com, there are many other sites affected as well.

PartyGaming.exe
mppoker.exe
poker.exe
gameclient.exe
ultimatebet.exe
absolutepoker.exe
mainclient.exe
pokerstars.exe
pokerstarsupdate.exe
partypoker.exe
fulltiltpoker.exe
pokernow.exe
multipoker.exe
empirepoker.exe
eurobetpoker.exe

F-Secure detects this trojan as Backdoor.Win32.Small.la although other security programs may call it something else.

0 comments:

Sitemeter