By 6 January 2012 | Categories: news


Approximately 45 000 Facebook log in details worldwide were compromised this week by a ‘worm’ named Ramnit, which gained notoriety as malware that targeted financial institutions.
A new variant though recently emerged, which has apparently set its sights on the popular social network.
Most of the compromised accounts were based in the UK and France.
Cyber threat management company Seculert commented that attackers behind Ramnit may be using the stolen credentials to log-in to victims' Facebook accounts and to transmit malicious links to their friends, magnifying the malware's spread even further.
“In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services, such as Facebook, Gmail, and Outlook Web Access to gain remote access to corporate networks,” it stated on its blog.  
Maliciously expanding
Seculert explained that the worm was a “multi-component malware family which infects Windows executable as well as HTML files” according to the Microsoft Malware Protection Center (MMPC).
Ramnit, which was created to gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks, has been identified as further being able to steal sensitive information such as stored FTP credentials and browser cookies.
Seculert noted that approximately 800 000 machines were infected with Ramnit from September to end of December 2011.
Of no less significance is a Symantec report released last year, which estimated that Ramnit worm variants accounted for 17.3% of all new malicious software infections.
Security measures
Seculert confirmed that it had provided Facebook with all of the stolen credentials that were found on the Ramnit servers.
According to ZDnet, a Facebook spokesman commented that its security experts have reviewed the data.
“While the majority of the information was out-of-date, we have initiated remedial steps for all affected users to ensure the security of their accounts. Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our anti-virus systems to help users secure their devices.

“People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook,” the social network is quoted as saying.  


Magazine Online is South Africa's leading magazine for tech product reviews, tech news, videos, tech specs and gadgets.
Start reading now >
Download latest issue

Have Your Say

What new tech or developments are you most anticipating this year?
New smartphone announcements (5 votes)
Technological breakthroughs (9 votes)
Launch of new consoles, or notebooks (7 votes)
Innovative Artificial Intelligence solutions (4 votes)
Biotechnology or medical advancements (10 votes)
Better business applications (3 votes)