Cyber thieves use a virus to pull off a digital currency heistS

Using a malicious botnet called Pony, cyber criminals have stolen an estimated $330,000 worth of BitCoins, LiteCoins, FeatherCoins, and other digital currencies. It's considered the most ambitious cyber attack on virtual money so far.

Security experts are already familiar with the Pony botnet — a collection of infected computers that take orders from central "command and control" servers. Late last year, it was responsible for approximately two million compromised accounts, but the operators of botnet have now taken Pony's game to the next level.

According to security firm Trustwave, the Pony botnet has stolen some 85 virtual "wallets" that contained BitCoins and other types of digital currencies (estimates include about 355 BitCoins, 280 LiteCoins, 33 PrimeCoins, and 46 FeatherCoins). The firm isn't sure how much money was stolen, but it could be upwards of $330,000 U.S. The heist occurred over a four-month period (between September 2013 and mid-January 2014) during which time Pony managed to steal over 700,000 credentials (including 600,000 website logins, 100,000 email accounts, and 16,000 FTP accounts).

Betanews explains some of the implications — and why this sort of criminal activity is so enticing:

There are obvious attractions in targeting virtual currencies, firstly they contain money, but secondly BitCoin transactions — by design — cannot be reversed. Once money is transferred out of your virtual wallet there's nothing you can do. There's no authority you can contact to reverse the transaction or freeze your account.

Trading information is also open, so anyone can examine the history of a virtual wallet though the identity of the owner remains unknown. The net result of all this is that stealing virtual currencies is much easier than stealing from a bank. Exchanging for hard currency via a trading website is just another transaction and by the time it occurs any connection to the original owner of the BitCoins is gone.

Once an attacker has the wallet.dat file containing the private key he becomes just as much the owner of the wallet as its original creator. Of course the wallet file can be protected with a password but it seems that many users don't bother to do this.

According to Reuters, this is at least the third type of fraud to surface involving digital currencies:

Criminals have previously hacked into marketplaces where digital currencies are traded by exploiting security flaws in those sites, then stealing those currencies...Cyber criminals have also developed botnets that force enslaved computers to create, or "mine", digital currencies, which the fraudsters then claim as their own.

Bitcoin mining is a time-consuming process in which computers perform complex math calculations. The operators of those botnets are stealing electricity and data center resources when they use compromised machines to mine digital currencies.

More at Trustwave SpiderLabs.

Image: Julia Zakharova/Shutterstock.