The Pony Botnet Controller virus – which may be on your computer – has stolen millions of Facebook passwords, Google passwords, Twitter passwords and Yahoo passwords, along with log-in credentials from email accounts and even FTP accounts. All told more than 2 million account usernames and passwords were stolen.
According to SpiderLabs, over a million and a half usernames and passwords for sites such as Facebook were stolen, 320,000 email account usernames and passwords were stolen, and 41,000 FTP account credentials were stolen, along with a smattering of remote desktop and shell account usernames and passwords.
Says SpiderLabs, “As one might expect, most of the compromised web log-ins belong to popular websites and services such as Facebook, Google, Yahoo, Twitter, LinkedIn, etc.”, adding that “Another interesting item on the list is the payroll service provider adp.com. It is only natural to have such domains in the mix, but it is surprising to see it ranked #9 on the top domains list. Facebook accounts are a nice catch for cyber criminals, but payroll services accounts could actually have direct financial repercussions.”
The Pony Botnet Controller virus is a key-logger (meaning it records your keystrokes as you type in your username and password), and was installed on countless PCs and other computers around the world.
John Miller, with Trustwave, says that the Pony Botnet Controller first appeared in October, and may still be reporting back to various servers around the world, although a server in the Netherlands to which it was reporting back has been shut down.
Miller also says that it is important to update your anti-virus (“AV”) software as you may not be able to find the Pony Botnet files even if your computer is affected.
In addition to the Facebook and other passwords, Pony Botnet Controller has stolen thousands of accounts at payroll and financial services firm ADP. Says Miller, of those who now have these stolen credentials, “They might be able to cut checks, modify people’s payments.”
So, again, update your AV software now, and then go change your Facebook password and other passwords.