F-Secure

If you think laptops used to move large sums of money are highly sensitive instruments, you’re right. Just consider the experience of Jens Kyllönen, a high-rolling professional poker player who is a fixture in both real-world tournaments and online card rooms.

In September, while participating in the European Poker Tour event in Barcelona, Kyllönen returned to his hotel room to find that his room key no longer unlocked his door. After finally gaining access, he discovered the Fujitsu Celsius laptop that he left inside was missing. When he returned later, the computer was mysteriously back in its place. The poker player, who had winnings in the range of $ 2.5 million in the past year, suspected something was amiss, so he asked researchers at F-Secure, a Finland-based antivirus provider, to take a look.

Sure enough, the forensic examination revealed that a RAT—short for a remote access trojan—had been installed on the machine during a time coinciding with its brief disappearance in Barcelona. The RAT was programmed to silently start each time the computer was turned on. Among other things, it gave the operator the ability to view the cards Kyllönen was holding when playing online hands of poker. Assuming the operator was sitting at the same virtual table, this unfair advantage would allow him to know when to hold or fold based on the cards Kyllönen had.