According to our data, the cyber gang that was operating this Pony botnet was active between September 2013 and mid-January 2014. In this ~4-month period, the botnet managed to steal over 700,000 credentials, distributed as follows:
~600,000 website login credentials stolen
~100,000 email account credentials stolen
~16,000 FTP account credentials stolen
~900 Secure Shell account credentials stolen
~800 Remote Desktop credentials stolen
Over 355 Bitcoins, as well as smaller amounts of various other virtual currencies, appear to have been stolen by the botnet ring. Trustwave values the loss at around $220,000. Almost all of the infected machines were located in Europe, and more than half were located in Germany, Italy, Poland and the Czech Republic.
Speaking with CoinDesk, Trustwave’s Ziv Mador claims that the best way of preventing the attack is also one of the easiest to implement: turning on encryption.
“If they use that option and encrypt their wallets with a strong key, then they should be fine, even if the malware were to infect the digital wallet, the botnet would not be able to generate transactions from that wallet.”