Report: Pony botnet virus lifts $220,000 from digital wallets

IT security company Trustwave claims that at least $220,000 in Bitcoin and other virtual currencies has been stolen from digital wallets through the Pony botnet. In a blog posted yesterday, the Chicago-based security services provider claims the Trojan virus-based attacks can steal funds from over 30 types of wallets.

According to our data, the cyber gang that was operating this Pony botnet was active between September 2013 and mid-January 2014. In this ~4 month period, the botnet managed to steal over 700,000 credentials, distributed as follows:

~600,000 website login credentials stolen

~100,000 email account credentials stolen

~16,000 FTP account credentials stolen

~900 Secure Shell account credentials stolen

~800 Remote Desktop credentials stolen

Over 355 Bitcoins, as well as smaller amounts of various other virtual currencies, appear to have been stolen by the botnet ring. Trustwave values the loss at around $220,000. Almost all of the infected machines were located in Europe, and more than half were located in Germany, Italy, Poland and the Czech Republic.

Speaking with CoinDesk, Trustwave’s Ziv Mador claims that the best way of preventing the attack is also one of the easiest to implement: Turning on encryption.

If they use that option and encrypt their wallets with a strong key, then they should be fine, even if the malware were to infect the digital wallet, the botnet would not be able to generate transactions from that wallet.”