Ponmocup is one of the most successful and longest running botnets of the past decade. First detected in 2006, as Vundo or Virtumonde, and detected as Ponmocup starting in 2011, we believe this is one of the most underestimated botnets still under continuous development.
Though Ponmocup has received a minimal amount of attention from the security community, it is in fact a sophisticated botnet serving different purposes. Though these purposes have often been described as low-risk functionalities, the malware is actually used by a group of sophisticated criminals who use the botnet for various (financials) gains, and are likely conducting a limited amount of targeted attacks.