In December of 2013 security researchers from Trustwave's SpiderLabs they discovered that about 2 million account credentials had been stolen by cyber criminals with the help of a botnet called Pony. Experts report that in addition to credentials, Pony has also been used to steal virtual currencies.
Cybercriminals managed to steal a total of over 700.000 credentials, 600.000 of which are for websites, 100.000 για λογαριασμούς ηλεκτρονικού ταχυδρομείου, 16.000 για διακομιστές FTP, 900 για SSH και 800 για connections Remote Desktop. This data was stolen between September 2013 and mid-January 2014.
Based on the data they received from the attack control panel, experts concluded that four months after the theft of information, cyber criminals decided to stop PonyBot.
Most credentials have been stolen from Germany (41.177), Poland (17.214), Italy (15.672), Czech Republic (14.835), Bulgaria (7.063), France (5.513), Croatia (4.725), Peru (4.616), India ( 2.761) and Vietnam (2.234).
Γύρω στους 80.000 λογαριασμούς στο Facebook έχουν επηρεαστεί, ακολουθούμενοι από λογαριασμούς των domains accounts.google.com (13.740), nk.pl (13.169), seznam.cz (11.712), profil.wp.pl (8.036), abv.bg (6.589), yahoo.com (6.554), szn.cz (6.175), google.com (5.842) και pl-pl.facebook.com (3.974).
The Pony botnet has also been used to target Bitcoins and other virtual coins. Experts have found that cyber criminals get 220000 dollars from these violations.
In addition to Bitcoin, the Crime Preference list also includes Litecoin, Feathercoin, Fastcoin, Bytecoin, Namecoin, Mincoin, Zetacoin and many others.
Due to the high value of Bitcoin, the attackers did not need to breach a large number of wallets. From the access they acquired only on 85 wallets, they managed to steal 355 Bitcoins, 280 Litecoins, 33 Primeoins and 46 Feathercoins.
It is well known that if someone empties your wallet, there is nothing you can do about it.