The nasty Ramnit worm, originally designed to target bank systems, is now stealing Facebook login credentials, security experts have warned.
Researchers at Israeli security firm Seculert found Ramnit’s command-and-control server containing all the stolen Facebook login credentials.
According to Seculert, a modified version of the malware has managed to steal more than 45,000 user accounts, mostly from the United Kingdom and France.
Securlet said in its bulletin, “We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further.
“In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks.”
Ramnit, first detected in April 2010, is a multi-component malware family which infects Microsoft and HTML files, and Windows programs.
Seculert notifies Facebook:- Seculert has provided Facebook with the stolen data that it discovered on Ramnit servers.
The social networking giant confirmed that it was aware of the Ramnit worm and was taking steps to combat the problem.
Meanwhile, they are also urging users to be vigilant and offering them advice to be on guard against hacks.
Some recommendations for protection include not clicking on strange links, to report suspicious activity on the social network, and join the Facebook Security Page (www.facebook.com/security) for additional security information.
Fred Wolens of the social network’s Public Policy team stated, “Our security experts have reviewed the data, and while the majority of the information was out-of-date, we have initiated remedial steps for all affected users to ensure the security of their accounts.
He added, “Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our anti-virus systems to help users secure their devices.”
Ramnit first spotted in 2010:- Ramnit, first detected in April 2010, is a multi-component malware family which infects Microsoft and HTML files, and Windows programs.
In August 2011, the Ramnit worm was able to “gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks.”
Seculert found that approximately 800,000 computers were infected with Ramnit variants from September to the end of December last year.
“It appears that sophisticated hackers are now experimenting with replacing the old-school email worms with more up-to-date social network worms,” said Seculert.
Article Source: Articles Engine