The security company Damballa has unveiled a recently discovered modified version of a previously popular piece of malware. The new version is designed to gather sensitive financial information off of victims’ computers, including Bitcoin and various other altcoin wallets.

Bitcoin and malware have crossed paths before, malware was forcing unsuspecting victims to secretly mine for Bitcoin. As mining difficulty has gone up, traditional computers are becoming far less effective at mining the digital currency. This led to some to wonder if malicious parties looking to score stolen bitcoin would turn elsewhere, like attacking user wallets.

That fear has now materialized as the popular malware Pony Loader has been modified to steal cryptocurrencies as well as traditional financial information. Pony Loader had its source code leaked online and that has resulted in many enterprising black hats to modify the code to their own specifications and means. The version being sold with the cryptocurrency stealing software has been dubbed “Pony Loader 2.0” and has been seen for sale on the Dark Web.

Among the wallets targeted include Bitcoin Armory, Peercoin, Bytecoin, Worldcoin, Megacoin, Quarkcoin, Namecoin, Terracoin and others. You can check out the full list, along with the non cryptocurrency related software affected, here.

The incentive for nefarious parties to pilfer coins will increase in parallel with the increasing value of cryptocurrencies. Users are recommended that they store any critical funds in cold storage and since most malware attacks Windows, using a more secure OS like Linux is also recommended.