A computer worm has stolen 45,000 login credentials from Facebook, security experts have warned. The data is believed to have been taken largely from Facebook accounts in the UK and France, according to security firm Seculert. The culprit is a well-known piece of malware – dubbed Ramnit – which has been around since April 2010 and has previously stolen banking details. Facebook told the BBC that it was looking into the issue.
“We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further,” said the researchers on the firm’s blog. ”
“It appears that sophisticated hackers are now experimenting with replacing the old-school email worms with more up-to-date social network worms. As demonstrated by the 45,000 compromised Facebook subscribers, the viral power of social networks can be manipulated to cause considerable damage to individuals and institutions when it is in the wrong hands,” said Seculert.
According to Seculert, 800,000 machines were infected with Ramnit from September to the end of December 2011. Microsoft’s Malware Protection Center (MMPC) described Ramnit as “a multi-component malware family which infects Windows executable as well as HTML files… stealing sensitive information such as stored FTP credentials and browser cookies”.
For Facebook users concerned that they have been affected by the worm, the advice is to run anti-virus software.
Source: BBC News