We've just gotten word of a disturbing incident that has worrisome ramifications for online poker players. The popular software package PokerTracker was hacked, and credit card information was forwarded to scammers. This vulnerability was first reported Aug. 8 and has since been fixed.

UPDATE - Aug. 26, 2019: New information has been revealed by Max Value Software, the developers of PokerTracker. We have updated this article accordingly.

⚠ CAUTION If you purchased PokerTracker or any related add-ons or extras, like TableNinja, from Dec. 23, 2018 till Aug. 8, 2019, then there is a chance that your credit card data was compromised. We advise you to take precautionary measures, like examining your card statement and history for any suspicious transactions NOW. At the end of the month, when your bill arrives, also take a good look at it for any discrepancies. For future purchases, you should consider the use of virtual credit card numbers. These one-time-use numbers help protect you from fraud and are supported by a wide array of reputable card issuers, like Bank of America and Capital One.

Details About the Hack

As first reported by computer security firm Malwarebytes, the crooks targeted the pokertracker[dot]com and pt4[dot]pokertracker[dot]com domains. Once a visitor accessed these sites, a hidden HTTP request retrieved a malicious bit of JavaScript code from the domain ajaxclick[dot]com.

When this code ran, it copied any credit card forms that the visitor completed and forwarded that data to the scammers. According to Malwarebytes, the ajaxclick[dot]com domain contains numerous “credit card skimmers” that have been designed to target traffic going to particular websites.

Researchers at first suspected that the PokerTracker executable itself had been compromised, but they immediately realized that this was not the case. Rather, certain areas of the software's display present web content fetched from the company's web servers. It was these machines that had been hacked, transmitting the offending code both to people who visited the website in their browsers as well as those viewing the compromised pages from within the PokerTracker program.

By Default, PokerTracker Displays a “Community” Web Page on Startup By Default, PokerTracker Displays a “Community” Web Page on Startup

The reason the attackers were able to insert their venomous code in the first place was because the PokerTracker website runs on Drupal version 6.3, which is old and known to have security holes.

Discovery and Resolution

The exploit was first reported on Aug. 8 by a Malwarebytes user:

Notably, the Malwarebytes software suite was already aware that the rogue domain ajaxclick[dot]com was associated with fraud, and it alerted this user to the issue. Thus, if you routinely run an anti-malware program, it's entirely likely that you were protected from harm even before this particular PokerTracker vector of the threat became public knowledge.

After conducting an investigation, Malwarebytes let PokerTracker know what was taking place on Aug. 8. The offending Drupal module was then disabled within the hour. PokerTracker also updated its Content Security Policy settings to prevent similar incidents from occurring in the future.

Although it was theoretically possible for credit card numbers to be compromised, there's no strong evidence to give us an answer either way as to whether or not this information was actually stolen. Similarly, we don't know if anyone's PokerTracker.com user name or password was intercepted, but either way, the company recommends that everyone who might have been affected change his or her log-in details right away.

PokerTracker Works for Both Hold'em and Omaha, and There are Versions for PC and Mac PokerTracker Works for Both Hold'em and Omaha, and There are Versions for PC and Mac

Find Out More About PokerTracker

Though the recently detected phishing attempt against PokerTracker users is a reason for concern, the speed with which it was addressed and the lack of similar lapses over more than a decade argue in favor of the competence of the PT developers. It's a very versatile and well-rounded poker tracking package, and it can prove instrumental in enhancing the winrate of virtually any online poker player.

To learn more about this useful program, including how to purchase it today, check out our PokerTracker review.

EDITOR'S NOTE: As of the time of publication, PokerTracker has not responded publicly about this security breach, nor have they responded to our requests for comment on this article.

UPDATE - Aug. 26, 2019: The creators of PokerTracker got back to us and gave us their official response, which was also released on the PT support forums. It is reproduced in full below: