CNET News informs Internet users that the security of their Facebook accounts is in danger. More than 45,000 Facebook Logins were stolen by a worm called Ramnit. The usernames and passwords of the affected persons have been stolen by the malware and now the programme is using these accounts to spread the virus.
Specialists at CNET claim that the majority of the victims registered so far were in France and United Kingdom, but there are chances for the malware to spread in other areas, as well. Once your Facebook account has been attacked by the worm, important software components of your computer may be destroyed. According to analysts, the first to get infected will be the Windows executables, Microsoft Office and HTML files.
The stolen Facebook accounts will be used by the Ramnit virus to transmit malicious links to the friends of the victims. This way, the malware will spread even further. Moreover, virus experts have reasons to believe that Ramnit was created by cybercriminals to obtain remote access to corporate networks. This is possible because most people use the same usernames and passwords for all their Internet accounts, not just the Facebook one. Consequently, many more hackers attack the social network to get information from online users.
This is not the first time IT experts deal with Ramnit. Its presence was first discovered in April 2010. Back then, the worm stole sensitive information such as stored FTP credentials and browser cookies.
In August 2011, analysts noticed that the malware is interested in gaining financial information. It is believed that the malware developers have borrowed source code from the Zeus botnet in order to increase the strength of the malicious software. Thanks to this added power, Ramnit was capable of accessing financial institutions through remote control, to compromise online banking sessions and penetrate several corporate networks.
The worm has become more and more active during the last part of the year. Between September 2011 and the end of the year, more than 800,000 Internet users have reported that their machines have been infected with this virus. Facebook was notified by security researchers and the company will take the necessary measures to prevent such occurrences in the future.