About 45,000 Facebook accounts have been infected by the “Ramnit” worm. It is stealing usernames and passwords primarily tn the United Kingdom and France, the social networking site has confirmed.
It was discovered in 2010 that hackers used Ramnit the following year to infiltrate 800,000 computers and gain access to financial institutions, online banking and corporate networks.
In a blog post by Securlert Cyber Threat Management said, “We suspect that the attackers behind Ramnit are using the stolen credentials to log into victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further.”
“In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks.”
According to a Facebook spokesman, more than half of the hacked logins were either invalid or had old or expired passwords, and the social network is working to help restore compromised accounts.