An online tool billed as able to calculate the amount of money taken by poker sites is actually malware designed to steal online poker players' login details.
The rakeback calculator RBCalc.exe, which was distributed on gaming site Checkraised.com, creates a backdoor into users' computers to covertly store gamblers' information.
The program silently drops four executable files into the player's system and uses a rootkit driver to conceal the operation.
The tool's author could then steal log-in information for various online
poker websites including
Having gained access, the hacker could then empty the compromised account by playing poker against themselves and losing on purpose.
Shortly after the discovery, Checkraised.com removed the offending file from its website and issued an official statement advising users to change their poker site passwords as well as offering instructions for manually removing the malware.
"Following the exponential rise of interest in online poker, it is inevitable that malware authors would follow suit with programs to separate players from their money," said Kimmo Kasslin, a researcher at F-Secure's data security laboratory.
"What is significant is the fact that this particular scam was hosted, albeit unwittingly, on a legitimate site and used rootkit technology to cloak itself."
F-Secure warned players that standard security software from the bigger vendors would not have protected against this rootkit exploit.
Electronics and computer chain the latest high street retailer to fall into difficulties
Incisive Media and Investec Asset Management supported fundraiser crosses Atlantic in 40 days
Alphabet's health sciences division Verily have been messing with AI algorithms
North Korea's cyber attack capabilities are expanding fast - and turning their fire on a wider range of targets