Cybercriminals have infected hundreds of thousands of computers with a virus called "Pony" to steal bitcoins and other digital currencies, in the most ambitious cyberattack on virtual money uncovered so far, according to security firm Trustwave.
Trustwave said on Monday that it has found evidence that the operators of a cybercrime ring known as the Pony botnet have stolen some 85 virtual "wallets" that contained bitcoins and other types of digital currencies. The firm said it did not know how much digital currency was contained in the wallets.
"It is the first time we saw such a widespread presence of this type of malware. It was on hundreds of thousands of machines," said Ziv Mador, security research director with Chicago-based Trustwave.
Trustwave said it believes the crime ring is still operating, though it does not know who is running the group. The company said it has disrupted the servers that were controlling machines infected with Pony, but expects the group to launch more attacks on virtual currency users.
A representative for the Bitcoin Foundation, a trade group that promotes adoption of the virtual currency, advised bitcoin users to store their currency offline in a secure location to prevent cyber criminals from stealing them.
"Electronic wallet security continues to improve by leaps and bounds as hardware wallets become available and we start to see software wallets that support multi-signature transactions," said the Bitcoin Foundation's director of public affairs, Jinyoung Lee Englund.
Trustwave's discovery comes after an unrelated cyber attack that spammed bitcoin exchanges earlier this month. That attack prompted at least three online virtual currency traders to halt withdrawals, causing bitcoin's value to plunge 33 percent over three weeks.
Bitcoin is a digital currency sustained by software code written by an unknown programmer or group of programmers. It is not governed by any one company or person, and its value is determined by user demand. People who buy digital currency can store it in virtual wallets on their own machines or with companies that offer storage and security services.
Mador said digital currency theft is still in its infancy, but that it is likely to grow. He said that digital currency buyers can protect themselves from hackers by using encrypted files.
"Most websites don't encrypt them by default, but you can turn them on," he added.