Pony botnet plunders 650,000 web logins in days, Trustwave reports

Stats pulled from C&C server

Security firm Trustwave has discovered a Russian command and control server for the Pony botnet that has managed to plunder the Web credentials of 650,000 victims in a matter of days.

The bot's purpose is to compromise the PCs of its victims, keylogging their account names and passwords, the more the merrier. It's not fussy which logins it steals either.

Using statistics from the bot controller's web interface, the firm found that it had stolen 278,000 from Firefox users, 212,000 from Chrome, and 117,000 from Internet Explorer.

It had also nabbed another 14,500 from Outlook, 1,000 from Windows Live Mail, 16,000 from Facebook, 35,000 from Yahoo, 28,000 from Google, and 12,000 from Twitter as well as logging 7,000 potentially valuable FTP accounts.

"It's a dangerous world out there; this is a single instance of a single botnet controller showing some pretty big numbers," said Trustwave's lead security researcher, Arseny Levine.

"Not knowing how these machines got infected in the first place, it's hard to say whether it was targeting specific businesses, business sizes, or if it was targeting businesses at all."

Most of the victims were in Asia, Trustwave said, with the top domains being Russia, Vietnam, Iran, India and Turkey.

Pony is a relatively unknown botnet among many others but the figures discovered by Trustwave are still impressive for a few days work. Given that this is only one controller among an unknown number, it could be a rising star among botnet.

Tags Personal TechYahooGoogletrustwavesecuritytwitterFacebookmozilla


Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

SECURE Email Gateway

Clearswift SECURE Email Gateway is an effective and resilient email gateway for 50 to 50,000 users.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.