Pony Botnet stole 2 million passwords from different social media accounts
Researchers of Trustwave’s SpiderLabs discovered a server with the stolen credentials on Tuesday, December 3. Among the websites with the most captured logins there are Facebook (57%), followed by Yahoo (10%), Google (9%) and Twitter (3%). Trustwave’s analysis and report are published on their blog.The attack wasn’t a typical breach. It isn’t the result of a weakness in Facebook or Google’s networks. Apparently, the malware was located on the users’ computers and collected the login information stored there. Trustwave has already contacted those service providers and they are taking measures to warn their users.
It appears that for the past month or so, the majority of the information was sent to a Pony Botnet server in the Netherlands. It is very likely that the operation uses proxies, though, so the actual location of the server cannot be confirmed. Thus, those who are responsible for the attack remain unknown. Another thing, we don’t know for sure which are the targeted countries. For the moment, it is confirmed that victims are located in the USA, Germany, Singapore and Thailand.
Researchers warn that the main reason all those login details were able to be stolen is that victims used very short and simple passwords, most commonly referred to as “terrible” passwords. In order to protect yourselves from such and other forms of hacker attacks, specialists advise you to setup malware detection software and to keep your antivirus always up to date. And here you can find a list of the most common terrible password to absolutely avoid.
Good luck and surf safe!
Etudiante en M2 Commerce électronique. Le marketing et les nouvelles technologies vous intéressent? Moi aussi!