Data based on the number of blocks of various threats by the DFi Security Center
for the month of April.

Malware of the month: Pony

Infection vectors: attachments, hacked websites
Consequences: theft of passwords, deactivation of antivirus software

Pony is a malware with two main functionalities: stealing information such as passwords from infected machines (infostealer), and installing other types of malware (loader) to trigger new attacks. Present since 2011, it is still very active and mainly targets Europe and America.

Over the years, the Pony malware has evolved by maintaining its ability to disable antivirus and Windows protection features and thus be executed invisibly. This formidable effectiveness has been demonstrated by its use in a large number of attacks in recent years.

The popularity of this malware is also due to the fact that its source code has been published on forums frequented by cybercriminals. Customised versions can be designed to take advantage of the malware’s proven functionality in new attacks.

Source : any.run