“Pony” botnet pilfers digital coins worth $220,000 in sustained attack

A geographic break down of computers infected by Pony.
Spider Labs

Criminals have pilfered about $220,000 worth of bitcoins and other digital currencies in a sustained, global attack that uses malware to steal the digital wallets stored on infected computers, researchers said Monday.

The malicious application known as Pony stole the digital loot from 85 wallets from September through January, researchers from security firm Trustwave's Spider Labs division wrote in a blog post. In all, the malware stole coins from at least four different digital currencies, including 355 bitcoins, 280 Litecoins, 33 Primecoins, and 45 Feathercoins. The coins were only a small part of the assets seized by Pony. During the same four-month span, Pony lifted credentials for more than 725,000 accounts. Those user names and passwords controlled access to accounts for websites, e-mail, FTP, secure shell, and remote desktops.

"This instance of Pony compromised 85 wallets, a fairly low number compared to the number of compromised credentials," Spider Labs researcher Daniel Chechik wrote. "Despite the small number of wallets compromised, this is one of the larger caches of Bitcoin wallets stolen from end-users. It is likely that this low number simply reflects the percentage of people actually using bitcoins and storing their wallets on their local machine, which explains why this number seems to grow as Bitcoin becomes more popular."

Read 5 remaining paragraphs | Comments