The Pony botnet has been identified as a digital wallet thief, done so by Trustwave’s SpiderLabs, which detailed its findings in a recent blog post. The botnet is known to steal credentials, but to a lesser degree it is also nabbing digital coins from the wallets of infected users. The theft takes place across multiple currency types: Bitcoin, Litecoin, and 28 more.
This particular Pony botnet controller managed to steal about $220,000 USD in digital currencies, with it being believed the botnet was active from September of last year through January of this year. In addition to stealing the coins from digital wallets, it also grabbed in excess of 700,000 credentials for FTP accounts, email, websites, and more.
In this case, Pony is said to have compromised 85 wallets, with the digital currencies breaking down thusly: 355 Bitcoins, 280 Litecoins, 33 Primecoins, and 46 Feathercoins. According to SpiderLabs, this represents “one of the largest caches of BitCoin wallets stolen from end-users.”
This isn’t the first time Bitcoins and related currencies have been stolen — the reality of cryptocurrencies has been likened to that of the wild west by some in explaining the insecurity of it all. One particularly notable example happened in late December when Bitcoin was stolen on live television during a segment on the currency.