Uncovering ‘PONY malware’

The malware has been in the news lately for stealing the passwords of 2 million accounts from Facebook, Twitter, Google and ADP. “The Pony malware is used to steal information: stolen credentials for websites, email accounts, FTP accounts, [and] anything it can get its hands on. In this case, attackers planted the malware on users’ machines around the world and were able to steal credentials for websites such as Facebook, Twitter, Yahoo, and even the payroll provider ADP,” says John Miller, security research manager at Trustwave (trustwave.com, 2013). The malware has been around since the beginning of this year – January 2013 (laboratoriomalware.blogspot.com, 2013).

PONY operates as a botnet controller. A botnet is a collection of interconnected infected computers (zombies) that communicate with other infected computers, are controlled remotely, and are used to perform malicious attacks.