TrainACE - IT and Cybersecurity Training Blog

Huge Password Hack: Rode In On Email Spam

Jan 1, 2014 11:30:09 AM / by alan

A "Pony" took a ride on the typing fingers of close to two million unwitting computer users when they logged in to their Facebook, Twitter, Google, Yahoo or certain other online accounts beginning October 21, 2013, as reported by ABC News and CNNMoney. Pony is the name of a keylogging software program that captured log-in credentials and passwords, according to Trustwave, an information security company that investigated and exposed the colossal cybersecurity breach.

How did it Happen?

Maliciously installed by the hackers through spam emails on the affected individuals' computers, the malware collected the user names and passwords and sent them to a server located in the Netherlands. At least, that's the one that has been located so far. There is some indication that there are probably additional proxy servers in other locations, and the collection process may still be ongoing. The hackers themselves are unnamed and may not have been identified.

Trustwave notified the 93 websites affected worldwide and publicly released its findings on December 3rd. Many websites, including Facebook, Twitter, LinkedIn and Yahoo, have notified users as necessary, and hopefully all sites that are aware of the problem have prompted or will prompt affected users to change their passwords when next logging in to the site. This might not completely solve the problem, however, if your computer is infected with Pony. A search for the malware may not necessarily reveal it, as information security experts say the virus lurks in the background and is not easy to find with a search. The best way to get rid of it is to download new patches and update your computer security and virus protection.

How to Protect Yourself

This particular hacking investigation made clear that the security of Facebook, Twitter and the other affected websites was not the issue in this case. Here, the users were the ones who let Pony in. Not intentionally, of course, but it is another reminder that we should all pay better attention to internet security. Simple, everyday steps such as choosing complex and varied passwords, regularly updating virus protection software and NOT opening unknown email attachments are all good rules to remember. Watch for new anti-malware products that will help protect against this specific kind of virus -- keystroke cloaking or keystroke encryption technology is still new, but exactly on point for the Pony virus.

Pony is still out there. Even if and when he is stabled, other viruses are out there and will keep being created. Sometimes, you can't avoid getting hacked; sometimes, you can.
