The Hacker News Logo
Subscribe to Newsletter

Two Million stolen Facebook, Twitter login credentials found on 'Pony Botnet' Server

Two Million stolen Facebook, Twitter login credentials found on 'Pony Botnet' Server
Security researchers at Trustwave's SpiderLabs found a Netherlands-based Pony Botnet Controller Server with almost two Million usernames and passwords, stolen by cybercriminals from users of Facebook, Twitter, Google, Yahoo and other websites.

In a blog post, the researchers mentioned that after the Pony Version 1.9 Source code was made public and they found a way to get into the Botnet's Admin area, from where they collected stolen database and statistics.

The Pony Control panel, written in Russian language, indicated Facebook was the worst impacted and two Russian Social Media sites i.e. vk.com and odnoklassniki.ru, credentials were also included in the database.

It is not clear at this time that how exactly the login credentials were originally obtained, but one possibility is that, they were captured using some keyloggers or similar malware.

Statistics of stolen login credentials:
  • 1,580,000 website login credentials stolen (including 318,121 Facebook login credentials, 21,708 Twitter accounts, 54,437 Google-based accounts and 59,549 Yahoo accounts)
  • 320,000 email account credentials stolen
  • 41,000 FTP account credentials stolen
  • 3,000 Remote Desktop credentials stolen
  • 3,000 Secure Shell account credentials stolen
'A quick glance at the Geo-location statistics above would make one think that this attack was a targeted attack on the Netherlands.' researcher wrote. .. followed by Thailand, Germany, Singapore, and Indonesia. The United States accounted for less than 2,000 stolen credentials.
Two Million stolen Facebook, Twitter login credentials found on 'Pony Botnet' Server
Spider Labs also listed the most commonly used passwords:
  • 123456 - used for 15,820 accounts
  • 123456789 - used for 4,875 accounts
  • 1234 - used for 3,135 accounts
  • password - used for 2,212 accounts
  • 12345 - used for 2,094 accounts
Obviously a bad idea to keep such weak password. Your passwords are the keys to your computer and your private information. Don't give out your passwords, make sure they are not easy to guess.

To defend your system against such malware issues, keep your computer and browser up-to-date and virus-free and make sure that you have Facebook’s Login Notifications and Google’s 2-step verification option enabled.

LinkedIn and Facebook said they were aware of the issue and looking into it.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.