Facebook Ramnit Worm Swipes 45,000 Usernames, Passwords

Malicious Facebook Worm Steals Thousands Of User Logins

Facebook users have a new threat to look out for. It's called the "Ramnit" worm, and it has compromised 45,000 user accounts.

According to Seculert Cyber Threat Management blog, Ramnit was discovered in 2010; the following year, the software was used by hackers to infect 800,000 computers and "gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks."

Now, Seculert researchers report, the worm is targeting Facebook users located primarily in the U.K. and France.

"We suspect that they use these [Facebook] credentials to continuously spread the Ramnit malware through Facebook," Co-founder and CTO of Seculert Aviv Raff told PCWorld. When hackers take control of a Facebook account, they can use the profile to spam other users with malicious links that further spread malware like Ramnit.

John Weinschenk, CEO at Cenzic security firm, expressed concerns that compromised Facebook credentials could lead to a rash of unauthorized online banking activities.

"Bank account numbers and Facebook log-in credentials seem very different, but to hackers, they are equally as lucrative," Weinschenk said in a statement emailed to The Huffington Post. "With Facebook credentials, hackers have the ability to propagate the malware, placing it on the Walls of thousands people who then spread it to others. Because many people use the same username and passwords on multiple websites, there’s also the added risk associated with hackers gaining additional access to other social networking websites, email accounts, and corporate networks."

Raff echoed similar thoughts about recycled passwords in his interview with PCWorld.

Facebook, however, says that Ramnit is not a growing threat to users. Fred Wolens, of the social network's Public Policy team, told The Huffington post that Facebook has been aware of the problem for a week and has taken steps to stop the worm in its tracks.

"Thus far, we have not seen the virus propagating on Facebook itself, but have begun working to add this virus to our current AV protections to help affected users secure their computer," Wolens wrote in an email.

He went on to say that the social network has been working to help restore compromised accounts.

"People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook. We encourage our users to become fans of the Facebook Security Page (www.facebook.com/security) for additional security information," Wolens also wrote.

Facebook is no stranger to hackers. Last year, the company hired infamous iPhone and PS3 jailbreaker George Hotz. On Wednesday, Facebook opened registration for its second annual Hacker Cup, where talented programmers from around the world will compete in a series of algorithm challenges to win a trip to Facebook HQ and, of course, the possibility of a job offer from the world's largest social network.

Take a look at the slideshow (below) for helpful tips and tricks that you can try if you suspect your Facebook credentials have fallen into the wrong hands. Read on to learn about the most common Facebook hacks, attacks and scams.

Change Your Password

Scrubbing You Facebook Profile: What To Do If You've Been Scammed(CLONED)

Before You Go

Popular in the Community

Close

What's Hot