Botnet Steals Data, Virtual Currencies

Wednesday, February 26, 2014 @ 03:02 PM gHale


Using the Pony botnet, bad guys have been able to garner a large cache of information from websites, email accounts, FTP servers and virtual currency wallets, new research found.

Between September 2013 and mid-January 2014, these cyber bad guys stole over 700,000 credentials, 600,000 of which are for websites, 100,000 for email accounts, 16,000 for FTP servers, 900 for SSH, and 800 for Remote Desktop, according to a report from Trustwave’s SpiderLabs.


Based on data from the attack's control panel, researchers found that after four months of stealing information, the cybercriminals decided to stop the operation.

By country, Germany had the most stolen credentials (41,177), followed by Poland (17,214), Italy (15,672), the Czech Republic (14,835), Bulgaria (7,063), France (5,513), Croatia (4,725), Peru (4,616), India (2,761) and Vietnam (2,234).

Close to 80,000 Facebook accounts were affected, followed by accounts on accounts.google.com (13,740), nk.pl (13,169), seznam.cz (11,712), profil.wp.pl (8,036), abv.bg (6,589), yahoo.com (6,554), szn.cz (6,175), google.com (5,842) and pl-pl.facebook.com (3,974).

The Pony botnet has also targeted Bitcoin and other virtual currency wallets. Experts found the cybercriminals have stolen $220,000 worth of virtual currencies.

In addition to Bitcoin, the list also includes Litecoin, Feathercoin, Fastcoin, Bytecoin, Namecoin, Mincoin, Zetacoin and many others. In total, around 30 virtual currencies were targeted.

Because of the high value of Bitcoin, the attackers didn’t even have to compromise a large number of wallets. They only hijacked 85, out of which they transferred 355 Bitcoins, 280 Litecoins, 33 Primecoins and 46 Feathercoins.

While stealing money from bank accounts is becoming increasingly difficult for cybercriminals, when it comes to Bitcoin heists, there are a number of advantages. First of all, while all transactions are public, they’re also irreversible.

This means if someone empties your wallet, there’s nothing you can do about it. There’s no one who can put the “money” back into the wallet, and the accounts cannot be frozen to prevent theft.

Cybercriminals simply need to transfer the funds into their account on a trading website, convert the virtual coins to a real currency and move the money into their bank account.