Facebook Security Threat: 45,000 Passwords Stolen By Ramnit Worm, Seculert Claims
Up to 45,000 Facebook users have been hit by a computer worm which has stolen passwords and login details.
Security firm Seculert said attackers behind the 'Ramnit' malware have been using the stolen credentials to login to accounts and spread the virus around to other users.
The affected accounts are mainly in the UK and France, Seculert said. More than 800,000 machines have been infected with Ramnit since September 2011, though not all have been hit by the Facebook attack.
"The viral power of social networks can be manipulated to cause considerable damage to individuals and institutions when it is in the wrong hands," Seculert wrote on its company blog.
Evidence of the attacks was reportedly discovered in Seculert's logs. The Ramnit worm has been around since at least 2010, and has been used to steal banking details and other information.
The firm said: "We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further.
"In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks."
Facebook said in response that a small number of users were affected but it was looking into the issue.
It said in a statement:
"Last week we received from external security researchers a set of user credentials that had been harvested by a piece of malware. Our security experts have reviewed the data, and while the majority of the information was out-of-date, we have initiated remedial steps for all affected users to ensure the security of their accounts
"Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our anti-virus systems to help users secure their devices. People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook.
"We encourage our users to become fans of the Facebook Security Page for additional security information."