updated 08:29 pm EST, Wed December 4, 2013
Facebook, Gmail, ADP, Twitter amongst list of credentials stolen
A recently-discovered botnet has been accused of pilfering over two million logins to popular web services, including Facebook, Gmail, some payroll services, and an assortment of Russian social networking services, according to Trustwave SpiderLabs. The botnet, driven by the "pony" controller software, is infecting PC users in 102 countries.
Facebook had the most stolen passwords, with 318,121 lifted. Yahoo has seen 59,549 stolen, and Google is currently third on the list with 54,437 accounts and passwords compromised. Also taken are 41,000 FTP account credentials, 3,000 remote desktop password sets, and 3,000 secure shell accounts lifted.
Payroll processor ADP as well as social sites LinkedIn and Twitter have informed affected users of the theft, and have reset passwords belonging to the compromised accounts. Google and Yahoo have both declined requests for countermeasures taken in response to the botnet thefts.