A computer security researcher has stumbled upon another huge file of stolen user names and passwords that was posted on the ‘net for other hackers to enjoy. According to web security firm Trustwave, hackers have stolen login usernames and passwords across various sites in the past month with the help of Pony malware, a bit different than a typical breach.
Although these are accounts for online services such as Facebook, LinkedIn, Twitter and Google, this is not the result of any weakness in those companies networks. Individual users had the malware installed on their machines and had their passwords stolen. Pony steals passwords that are stored on the infected users’ computers as well as by capturing them when they are used to log into web services.
The malware was configured so that the majority of the credential information was sent to a server in the Netherlands. The server does not show from which countries the information came from however confirmed attacks targeted users worldwide including in the U.S., Germany, Singapore, Thailand and others.
Facebook accounted for about 57% of the compromised accounts, followed by Yahoo 10%, Google 9%, Twitter 3% and LinkedIn 1.5%.