25 Feb 2014

Credentials of 200,000 People Compromised in Global Botnet Attack

Nearly 200,000 people had account credentials, Bitcoins and other virtual currencies stolen by a small group of cybercriminals in a global botnet attack, according to a Trustwave SpiderLabs blog announcement.

The attack, carried out in the last four months, used a Pony botnet to steal over 600,000 website login credentials and 100,000 email addresses and passwords, mostly from German, Polish and Italian users. This type of malware controls an infected device without the user’s knowledge to steal sensitive data, including unencrypted Bitcoin wallets.

85 Bitcoin, LiteCoin, PrimeCoin and FeatherCoin wallets, storing the equivalent of $220,000, were broken into and “irreversible transactions” were performed.

“The criminal only needs to send the coins to an account on one of the trading websites, exchange the coins for USD or any other currency they desire and then transfer it to their bank account,” the company says. “Processing the virtual currency through the trading website preserves the attacker’s anonymity.” Thus, transactions appear legitimate and cannot be distinguished from the real ones.

It seems the botnet responsible for the breach is no longer active, according to the same source.