Worm Infects 45,000 Facebook Users

Most of the time when you click on a Facebook link that a friend has posted, you get something nice. An amusing photo of a man embarrassed by his decisions. A video of Maru jumping into a box. But, if your friend has been infected with the Ramnit worm, you’ll end up losing something.

Security company Seculert had been tracking the Ramnit worm when it discovered that the little beast jumped from committing financial fraud to stealing Facebook login credentials. Discovered in April of 2010, the worm is a multi-component malware that infects Windows executables, Office files and HTML files. Once infected, it uses those files to steal authentication and transaction signing systems according to Microsoft.

Seculert states in a blog post:

We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further. In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks.

So far the worm’s Facebook invasion seems to be confined to mostly the UK and France. Still, it’s always a good idea to switch up your passwords regularly. Not only on Facebook, but on any system that requires you to log in. [Seculert via Ars Technica]


The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At Gizmodo, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.