Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Cyber Thieves Blamed for Bitcoin Heist: Researchers

Cyber Thieves Blamed for Bitcoin Heist: Researchers

WASHINGTON – A gang of cyber criminals using an army of infected computers made off with at least $220,000 worth of Bitcoins and other virtual currencies, security researchers said Monday.

Cyber Thieves Blamed for Bitcoin Heist: Researchers

WASHINGTON – A gang of cyber criminals using an army of infected computers made off with at least $220,000 worth of Bitcoins and other virtual currencies, security researchers said Monday.

The researchers from the security firm Trustwave said the heist was accomplished by a botnet using malware that has been dubbed “Pony”.

The Pony botnet has affected an estimated 700,000 people or computers, allowing the criminals to control those accounts.

The scheme “collected approximately $220,000 worth, at time of writing, of virtual currencies such as Bitcoin, LiteCoin, FeatherCoin and 27 others,” said a blog post from researchers Daniel Chechik and Anat Davidi.

“According to our data, the cyber gang that was operating this Pony botnet was active between September 2013 and mid-January 2014.”

The botnet stole 600,000 website login credentials, 100,000 email account credentials and other secure account information.

The news comes amid growing use of virtual currencies such as Bitcoins, which have been developed by cryptographic experts as a way to move money at a lower costs than traditional finance systems.

Advertisement. Scroll to continue reading.

While many uses of Bitcoins are legitimate, the virtual currencies have also been tied to money laundering and drug trafficking as well as underground websites such as Silk Road, the target of a US raid.

Earlier this month, the operators of what was purported to be a revived Silk Road website claimed the site was the victim of an attack which wiped out $2.7 million stored by the bazaar.

“Bitcoins are stored in virtual wallets, which are essentially pairs of private and public keys,” the Trustwave researchers said, adding that whoever has those keys can take the currency.

“Stealing Bitcoins and exchanging them for another currency, even a regulated one such as US dollars, is much easier than stealing money from a bank.”

They said that cyber thieves with Bitcoins can use any number of trading websites, to get real cash while maintaining anonymity.

The researchers said Pony compromised 85 wallets, and noted that the low number probably reflects the small percentage of people using virtual currencies.

But Bitcoins are expected to gain wider use, especially with the launch of ATMs around the world that can provide the digital currency.

Trustwave said the Pony malware was used last year to steal login information from more than 650,000 accounts including on Facebook, Yahoo and Google. 

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn's first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.