Hundreds of thousands of computers have reportedly been affected by malware called ‘Pony’, which is allowing attackers to steal bitcoin and a slew of other digital currencies.
The news was reported by a security firm called Trustwave, who notes that somewhere on the order of 85 digital wallets have been stolen — translating to about $200,000.
“It is the first time we saw such a widespread presence of this type of malware. It was on hundreds of thousands of machines,” Ziv Mador of the company said.
It’s unclear who exactly is behind the malware, but Trustwave has reason to believe the botnet operation is still ongoing, having been hiding maliciously in user machines for months.
Trustwave has been following the Pony botnet since September 2013, and provides the following statistics (which go far beyond digital currency theft):
- 600,000 website login credentials stolen
- 100,000 email credentials stolen
- 16,000 FTP credentials stolen
- 900 Secure Shell credentials stolen
- 800 Remote Desktop credentials stolen
With regard to digital currencies, the following is the loot obtained by Pony:
- 355 bitcoins
- 280 litecoins
- 33 primecoins
- 46 feathercoins