Monday, January 30, 2017

Pony stealer takes $220k worth of Cryptocurrency

Cyber criminals have stolen about $220,000 worth of bitcoins, along with other digital currencies, in a large-scale global attack that uses malware to grab the digital wallets stored on infected PCs, experts said Monday.

The malware strain known as Pony took the digital coins from numerous wallets from September through January, experts from security firm Trustwave’s SpiderLabs said in an article. The malware targeted four different digital currencies, including 355 bitcoins, 280 Litecoins, 33 Primecoins, and 45 Feathercoins. The coins were just a small part of the assets seized by Pony.

Throughout the same four-month span, Pony also took credentials for more than 725,000 accounts saved on infected machines. The usernames and passwords cover websites, e-mail, FTP, secure shell, and remote desktop accounts.

“This instance of Pony compromised 85 wallets, a fairly low number compared to the number of compromised credentials,” SpiderLabs researcher Daniel Chechik said. “Despite the small number of wallets compromised, this is one of the larger caches of Bitcoin wallets stolen from end-users. It is likely that this low number simply reflects the percentage of people actually using bitcoins and storing their wallets on their local machine, which explains why this number seems to grow as Bitcoin becomes more popular.”

Pony affected users mainly in Europe, with 28.5 percent of infected machines in Germany, followed by 11.9 percent in Poland, 10.8 percent in Italy, and 10.2 percent in the Czech Republic.

A breakdown of total credentials stolen:

  • 600,000 website login credentials stolen
  • 100,000 email account credentials stolen
  • 16,000 FTP account credentials stolen
  • 900 Secure Shell account credentials stolen
  • 800 Remote Desktop credentials stolen

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing.
