Skip to main content
  1. Tech
  2. Gadgets & Tech
  3. Tech Gear

Pony botnet may have stolen your clueless password

See also

The Newsy video account of Dec. 5, 2013 (with Mikah Sargent) may have bad news about your online credentials. The Pony online controller may have been "compromised" and turned into a botnet. That botnet happened to be malicious and may have "scraped" your online password/s. This column's twitter account reported the breach Dec. 4, 2013. Threatpost also reported on the theft of some "2 million passwords" using the controller botnet. Newsy and Mikah do make mention also that the original "cop" was reported by Trustwave Spiderlabs security. An apology for the unfortunate use of “clueless password” is made and an explanation is coming.

The report of a major hack of passwords is only the latest in a string of such hacks. The Pony botnet hackers may have originated somewhere in Russia (Threatpost). The hacks may have been performed from a proxy server in The Netherlands (proxies have happened there in recent history). It was then easy pickings for the hoods to swipe several million passwords and other identifying online information. And your own password may have helped them. Clueless passwords like "123456" or "111111" are still in use on several major websites. Those types of passwords make it easy to guess them and take them once the Pony botnet (or other hack controller) has accessed the targeted sites.

Thinking out what your best password choice might be is important for defending your online presence. According to this latest attack online entities like Google, LinkedIn, Yahoo, Facebook and Twitter may have been hacked to some extent. The Trustwave Spiderlab post may give you some good suggestions. Also, most websites will inform you if your password is "strong" or "weak" when choosing one. It would be unfortunate to choose the "weak" password.

But how do you know if your online account has been "pwned"? Troy Hunt explains on his website Dec. 5 and Dec. 4, 2013 his creation of the pwn engine "Have I been pwned?". Two personal e-mail addresses were used to check for botnet hacks - and came back "safe". Is the pwn engine itself safe to use? A review of its elements were compared with a "malicious site" - an amateurish response is that the pwn engine "appears to be safe". Can you access your online accounts - have they been compromised by the Pony botnet? If or if not please check to see that you have not used a weak password.


Don't Miss

  • Massive
    Ubisoft Massive exclusive: 'The Division', PS4 & Xbox One, Activision to Ubisoft & more
    Games Exclusive
  • iPhone
    Get your wallet ready: The next iPhone could cost $100 more than your last one
    Tech Buzz
  • Civ
    Need to catch up on 'Sid Meier's Civilization'? Here is everything you need to know
    Games Feature
  • Google Glass
    See how Google Glass is letting sick kids go to the zoo without leaving the hospital
    Tech News
  • Upcoming
    These are 2014's biggest PS4, Xbox One and Wii U games
    Games Feature
  • Google
    Google has filed for a patent to develop contact lenses capable of taking photos

Related Videos:

  • Preventing Data Breaches and Hacking
    <div class="video-info" data-id="518103352" data-param-name="playList" data-provider="5min" data-url=""></div>
  • Computer hardware
    <iframe width="420" height="315" src="//;autoplay=1"></iframe>
  • Twitter
    <div class="video-info" data-id="518177595" data-param-name="playList" data-provider="5min" data-url=""></div>

User login

Log in
Sign in with your email and password. Or reset your password.
Write for us
Interested in becoming an Examiner and sharing your experience and passion? We're always looking for quality writers. Find out more about and apply today!