Crypto-currency users beware. There’s a new botnet in town called “Pony”, and it has been used quite recently to steal $220,000 worth of virtual money made up of thirty different virtual currencies, including Bitcoin, BBQcoin, Anoncoin, Zetacoin and others.
Pony has also stolen over 600,000 credentials for a variety of internet services, including big ones like Facebook, Google and Yahoo.
Fortunately, a local security firm, Trustwave, has come into possession of a list of the credentials and virtual currency wallets that have been compromised, and they have made online tools available to the public that will allow people to check whether their information was among the data harvested.
To check, all you need to do is enter the email address associated with the web services you use the most into this site, or your public key that identifies your virtual currency wallet into this one, and Trustwave’s tool will compare what you’ve entered to the database they have recovered, and let you know if you have anything to worry about.
Trustwave has published a blog detailing some of the Pony botnet’s techniques and some of the vulnerabilities in virtual currencies, which makes for fascinating reading if you’re into this kind of thing. Also, if your retirement plans hinge off the success and safety of virtual currencies, it’s highly recommended that you give it a read in order to better protect yourself in the long run.