Infamous Pony Loader Malware Updated to Steal Bitcoins

Security firm Damballa recently identified the Pony Loader 2.0 malware and says that a new strain of malware is being sold in the under-ground criminal market which aims to embezzle Bitcoin wallets of victims.

The security firm expects that a surge in thefts will take place with the discovery of this iteration of the malware.

Pony Loader, also known as Fareit, has been on sale in the underground market for quite a number of years now and it can steal crucial information from an Internaut's computer like stored details of emails, web and FTP (File Transfer Protocol) accounts and also install more malware, the security firm explains.

Earlier, Pony malware has been employed to dispense the infamous P2P (peer-to-peer) GameOver Zeus Trojan.

The latest iteration has been spreading over the Internet ever since the beginning of 2014 and was put up for sale in May 2014. This version has many enhancements besides embezzling virtual currencies which has been described as the most serious. It (Pony Loader 2.0) can strike thirty other wallets besides the original Bitcoin client which include Electrum, Litecoin, MultiBit, Terracoin, Namecoin, and Bitcoin Armory, the security firm says.

It can also decode passwords that have been saved from well-known programs like Mozilla, Chrome, Thunderbird, IE (or Internet Explore) and Windows Mail.

Tweaktown.com published a statement on 26th June, 2014 quoting Isaac Palmer, Malware Reserve Engineer at Damballa, as saying "Users should find it risky to use these programs for storing their passwords and bitcoin private keys because they have the ability to pilfer stored credentials from a large variety of software."

Infosecurity-magazine.com published news on 25th June, 2014 stating an advice from Bitcoin itself saying to update to a newer version of the client "which provides a method to encrypt with a passphrase the private keys stored in the wallet."

As the popularity of crypto-currencies like Bitcoin and its many rivals growing, they are becoming most sought after target for cybercriminals because security remains undeveloped.

In third week of June, 2014, a German hacker was found to have exploited vulnerability in Synology NAS (network attached storage) boxes to mine Dogecoins worth more than $600,000.

» SPAMfighter News - 7/2/2014