From the code snippet, it seems Toolkit.getDefaultToolkit.getScreensize() doesn't account for external monitors - only the primary display. Targeted malware you'd think would use getScreenDevices() or something to account for that - I'd always imaged professional online poker player 'sat' at many tables at once ...presumably using multiple monitors.
I've known online poker players who can play up to 8 at a time, just flipping around on individual windows in 1 screen. I think a lot depends on the stakes of the table, and the style of play. Someone playing aggressive with small stacks on moderate stakes doesn't need to pay attention to the level of someone playing with a large pile in high stakes games.
Since poker is a zero sum game, many pros find it more profitable to be spread out amongst multiple games of amateurs at modest stakes, than at a high risk high stakes table. (Collecting pennies rather than fighting over dollars, or predictable farming versus unpredictable hunting)
High stakes players (best targets for such attacks) usually don't play more than 3-4 tables at once - there just isn't enough action nowadays, and with hundreds of thousands of dollars on the line, even they (they are often multitasking gods by an ordinary human standard) ackonwledge that focusing on smaller number of tables might be a good idea...
That's an interesting catch. I'm guessing the gap was because the attacker commissioned the software at low cost, and didn't spot the problem. That said, the attack would still work well because Jeans plays nosebleed stakes[1], so he's not likely to be playing a huge number of games at a time, and he travels regularly for live games so he's likely to be on a standalone laptop.
Multi-monitor setups are very common in the poker world, but the primary monitor would get you a long way. After all, if you sit with him and realize your table isn't on his main screen, you could sit out.
I'm quite glad he thought to drop his computer at F-Secure.
From the code snippet, it seems Toolkit.getDefaultToolkit.getScreensize() doesn't account for external monitors - only the primary display. Targeted malware you'd think would use getScreenDevices() or something to account for that - I'd always imaged professional online poker player 'sat' at many tables at once ...presumably using multiple monitors.