Home / / Computer worm steals Facebook log-in credentials

Computer worm steals Facebook log-in credentials

45,000 accounts, mostly in UK, France have been compromised

Computer worm steals Facebook log-in credentials
A computer worm has stolen the log-in credentials of 45,000 Facebook users.

A computer worm, known as Ramnit, has stolen 45,000 Facebook login credentials, largely from Facebook accounts in the UK and France, according to security firm Seculert.

The latest iteration of the worm was discovered in Seculert's labs.

"We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," said the researchers on the firm's blog.

"In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks."

According to Seculert, 800,000 machines were infected with the Ramnit worm between September and the end of December 2011.

"It appears that sophisticated hackers are now experimenting with replacing the old-school email worms with more up-to-date social network worms. As demonstrated by the 45,000 compromised Facebook subscribers, the viral power of social networks can be manipulated to cause considerable damage to individuals and institutions when it is in the wrong hands," said Seculert.

Facebook has advised all users to run anti-virus software, as it may not be obvious that users have been attacked.

Facebook has released a statement confirming the security breach.

"Our security experts have reviewed the data, and while the majority of the information was out-of-date, we have initiated remedial steps for all affected users to ensure the security of their accounts. Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our anti-virus systems to help users secure their devices. People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook."

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.