Cyber thieves blamed for Bitcoin heist: Researchers

Tags: Bitcoin, Cyber, News
A gang of cyber criminals using an army of infected computers made off with at least $220,000 worth of Bitcoins and other virtual currencies, security researchers have said.

The researchers from the security firm Trustwave yesterday said the heist was accomplished by a botnet of computers using malware that has been dubbed "Pony".

The Pony botnet has infected an estimated 700,000 people or computers, allowing the criminals to control those accounts.

The scheme "collected approximately $220,000 worth, at time of writing, of virtual currencies such as Bitcoin, LiteCoin, FeatherCoin and 27 others," said a blog post from researchers Daniel Chechik and Anat Davidi.

"According to our data, the cyber gang that was operating this Pony botnet was active between September 2013 and mid-January 2014."

The botnet stole 600,000 website login credentials, 100,000 email account credentials and other secure account information.

The news comes amid growing use of virtual currencies such as Bitcoins, which have been developed by cryptographic experts as a way to move money at a lower costs than traditional finance systems.

While many uses of Bitcoins are legitimate, the virtual currencies have also been tied to money laundering and drug trafficking as well as underground websites such as Silk Road, the target of a US raid.

Earlier this month, the operators of what was purported to be a revived Silk Road website claimed the site was the victim of an attack which wiped out $2.7 million stored by the bazaar.

"Bitcoins are stored in virtual wallets, which are essentially pairs of private and public keys," the Trustwave researchers said, adding that whoever has those keys can take the currency.

"Stealing Bitcoins and exchanging them for another currency, even a regulated one such as US dollars, is much easier than stealing money from a bank."

They said that cyber thieves with Bitcoins can use any number of trading websites, to get real cash while maintaining anonymity.

Trustwave said the same malware was used last year to steal login information from more than 650,000 accounts including on Facebook, Yahoo and Google.

EDITORIAL OF THE DAY

  • Strict disclosure norms on unspent client funds will only help the market grow

    The Securities and Exchange Board of India’s (Sebi’s) reported move to make it difficult for stockbrokers to misuse client funds should be a much-

FC NEWSLETTER

Stay informed on our latest news!

TODAY'S COLUMNS

Tushar Gandhi

An unexplored side of rural enterprise

What is rural enterprise? Ask this qu­estion and 9 out ...

Kuruvilla Pandikattu

Black and white of morality

Would you kill one innocent person to save five? Choose ...

Dharmendra Khandal

So, how do we define a 'vermin'?

These days there’s an ongoing debate whether to declare various ...

INTERVIEWS

William D. Green

Chairman & CEO, Accenture