Investigations into the computer thefts at the European Poker Tour stop in Barcelona earlier this year have confirmed that the computers in question were infected with a Trojan program.

The website F-Secure.com detailed the story in a special blog on Tuesday. In September, professional poker player Jens Kyllonen was the victim of one of the EPT Barcelona thefts, which he detailed on the Two Plus Two forums. In that caper, Kyllonen stated that his computer mysteriously disappeared from his hotel room and, after several hours of searching, it suddenly reappeared in his room apparently no worse for wear. Kyllonen and another player, Henri Jaakkola, who shared a hotel room in Barcelona with Kyllonen, were victims of these “disappearances,” as were other players.

Suspicious that his computer had been compromised in some fashion, Kyllonen asked the F-Secure team to look over his laptop. “This is quite important,” F-Secure wrote, “as laptop security is paramount for professional poker players, especially those who play online.” After a thorough examination of Kyllonen’s machine, F-Secure’s computer forensics team discovered that Kyllonen was correct in his assumptions that his laptop had been compromised.

“There was a Remote Access Trojan with timestamps coinciding with the time when the laptop had gone missing,” the F-Secure team revealed. The Trojan was a simple one that the attacker could carry around on a USB stick and, with a few keystrokes, install and set to run whenever the computer was restarted. The particular Trojan used on Kyllonen’s system would have compromised his ability to play online.

Through a series of screenshots, the F-Secure team demonstrated what the Trojan allowed the attacker to do. The attacker, if he were in action at the same online table as his victim, would be able to see what hole cards the victim held. In theory, the attacker could take the victim for a large amount of money. After analysis of Jaakkola’s laptop, F-Secure was able to determine that his computer was infected with the same program.

The F-Secure team’s analysis of the Trojan could send a chill through any high-stakes online player. “This kind of attack is very generic and works against any online poker site that we know of,” F-Secure wrote. “The Trojan is written in Java and uses obfuscation (a method of hiding the Trojan from anti-virus programs)… The malware can (also) run in any platform (Mac OS, Windows, and Linux).”

F-Secure pointed out that this isn’t the first time that high-stakes online players and their laptops have been the target for thieves: “We have investigated several cases that have been used to steal hundreds of thousands of Euros. What makes these cases noteworthy is they weren’t online attacks; the attacker went through the trouble of targeting the victim’s systems.” F-Secure has gone as far as to coin a new term for the attempted hacks – “sharking” – comparing them to Whaling attacks against businessmen and their equipment.

The team at F-Secure offered several tips to ensure the security of laptops. “If you have a laptop that is used to move large amounts of money, take good care of it,” its authors wrote. “Lock the keyboard when you step away; put it in a safe when you’re not around; encrypt the disk to prevent offline access; don’t surf the web with (a poker laptop), use another laptop or device for that purpose.”
