Security Experts:

Cyber Thieves Blamed for Bitcoin Heist: Researchers

Cyber Thieves Blamed for Bitcoin Heist: Researchers

WASHINGTON - A gang of cyber criminals using an army of infected computers made off with at least $220,000 worth of Bitcoins and other virtual currencies, security researchers said Monday.

The researchers from the security firm Trustwave said the heist was accomplished by a botnet using malware that has been dubbed "Pony".

The Pony botnet has affected an estimated 700,000 people or computers, allowing the criminals to control those accounts.

The scheme "collected approximately $220,000 worth, at time of writing, of virtual currencies such as Bitcoin, LiteCoin, FeatherCoin and 27 others," said a blog post from researchers Daniel Chechik and Anat Davidi.

"According to our data, the cyber gang that was operating this Pony botnet was active between September 2013 and mid-January 2014."

The botnet stole 600,000 website login credentials, 100,000 email account credentials and other secure account information.

The news comes amid growing use of virtual currencies such as Bitcoins, which have been developed by cryptographic experts as a way to move money at a lower costs than traditional finance systems.

While many uses of Bitcoins are legitimate, the virtual currencies have also been tied to money laundering and drug trafficking as well as underground websites such as Silk Road, the target of a US raid.

Earlier this month, the operators of what was purported to be a revived Silk Road website claimed the site was the victim of an attack which wiped out $2.7 million stored by the bazaar.

"Bitcoins are stored in virtual wallets, which are essentially pairs of private and public keys," the Trustwave researchers said, adding that whoever has those keys can take the currency.

"Stealing Bitcoins and exchanging them for another currency, even a regulated one such as US dollars, is much easier than stealing money from a bank."

They said that cyber thieves with Bitcoins can use any number of trading websites, to get real cash while maintaining anonymity.

The researchers said Pony compromised 85 wallets, and noted that the low number probably reflects the small percentage of people using virtual currencies.

But Bitcoins are expected to gain wider use, especially with the launch of ATMs around the world that can provide the digital currency.

Trustwave said the Pony malware was used last year to steal login information from more than 650,000 accounts including on Facebook, Yahoo and Google. 

Subscribe to the SecurityWeek Email Briefing
view counter