Security researchers at Trustwave's SpiderLabs found a Netherlands-based Pony Botnet Controller Server with almost two Million usernames and passwords, stolen by cybercriminals from users of Facebook, Twitter, Google, Yahoo and other websites.
In a blog post, the researchers mentioned that after the Pony Version 1.9 Source code was made public and they found a way to get into the Botnet's Admin area, from where they collected stolen database and statistics.
The Pony Control panel, written in Russian language, indicated Facebook was the worst impacted and two Russian Social Media sites i.e. vk.com and odnoklassniki.ru, credentials were also included in the database.
It is not clear at this time that how exactly the login credentials were originally obtained, but one possibility is that, they were captured using some keyloggers or similar malware.
Statistics of stolen login credentials:
- 1,580,000 website login credentials stolen (including 318,121 Facebook login credentials, 21,708 Twitter accounts, 54,437 Google-based accounts and 59,549 Yahoo accounts)
- 320,000 email account credentials stolen
- 41,000 FTP account credentials stolen
- 3,000 Remote Desktop credentials stolen
- 3,000 Secure Shell account credentials stolen
'A quick glance at the Geo-location statistics above would make one think that this attack was a targeted attack on the Netherlands.' researcher wrote. .. followed by Thailand, Germany, Singapore, and Indonesia. The United States accounted for less than 2,000 stolen credentials.
Spider Labs also listed the most commonly used passwords:
- 123456 - used for 15,820 accounts
- 123456789 - used for 4,875 accounts
- 1234 - used for 3,135 accounts
- password - used for 2,212 accounts
- 12345 - used for 2,094 accounts
Obviously a bad idea to keep such weak password. Your passwords are the keys to your computer and your private information. Don't give out your passwords, make sure they are not easy to guess.
To defend your system against such malware issues, keep your computer and browser up-to-date and virus-free and make sure that you have Facebook's Login Notifications and Google's 2-step verification option enabled.
LinkedIn and Facebook said they were aware of the issue and looking into it.
To defend your system against such malware issues, keep your computer and browser up-to-date and virus-free and make sure that you have Facebook's Login Notifications and Google's 2-step verification option enabled.
LinkedIn and Facebook said they were aware of the issue and looking into it.