Daniel Chechik and Anat (Fox) Davidi of Trustwave write:
In our last episode of “Look What I Found” we talked about a fairly large instance of the Pony Botnet Controller. With the source code of Pony leaked and in the wild, we continue to see new instances and forks of Pony 1.9. One of the latest instances we’ve run into is larger than the last with stolen credentials for approximately two million compromised accounts.
Read more on Trustwave SpiderLabs.com.