45,000 Facebook Accounts Attacked by a Malware Worm
Posted on January 5, 2012 at 12:53pm by Liz Klimas
Ramnit, once a worm used to commit financial fraud, is now infecting more than 45,000 Facebook accounts, according to the security firm Seculert.
The worm is stealing login credentials from accounts, mostly in France and the U.K., and Seculert believes it is being used to hack into those accounts and transmit malware in the form of links to friends.
Seculert has more on the worm’s history:
Discovered in April 2010, the Microsoft Malware Protection Center (MMPC) described Ramnit as “a multi-component malware family which infects Windows executable as well as HTML files”, “stealing sensitive information such as stored FTP credentials and browser cookies”. In July 2011 a Symantec report [PDF] estimated that Ramnit worm variants accounted for 17.3 percent of all new malicious software infections.
In August 2011, Trusteer reported that Ramnit went ‘financial’. Following the leakage of the ZeuS source-code in May, it has been suggested that the hackers behind Ramnit merged several financial-fraud spreading capabilities to create a “Hybrid creature” which was empowered by both the scale of the Ramnit infection and the ZeuS financial data-sniffing capabilities. This synergy has enabled Ramnit to bypass two-factor authentication and transaction signing systems, gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks. With the use of a Sinkhole, we discovered that approximately 800,000 machines were infected with Ramnit from September to end of December 2011.
The worm affecting Facebook is cited as a completely new version. Slashgear describes the worm as having changed continually since it was spotted in 2010 and states that all Ramnit variations account for 17.3 percent of all software infections.
The firm also thinks that, having gained the passwords for these accounts, the attackers could be taking advantage of users who reuse those passwords for other accounts such as Gmail, Corporate SSL VPN and Outlook Web Access.
Update: Facebook has come out to say that most of the passwords stolen were “out of date.” In a statement, the social networking site says that it is taking steps to help those who were affected.
[H/T Ars Technica]

dontbotherme
Posted on January 6, 2012 at 12:05pm
This scares me. Technology is great but some little p_ssants always have to screw things up.

certified ethical hacker
Posted on January 10, 2012 at 8:36pm
http://msisac.cisecurity.org/newsletters/2010-09.cfm

certified ethical hacker
Posted on January 10, 2012 at 10:37pm
It is a lot more than the little piss ants, LMAO. The China government has contests to determine the best hackers and then hires them. Here is some good information though:
http://www.windowsecurity.com/articles/hunt-down-kill-malware-sysinternals-tools-part1.html
http://technet.microsoft.com/en-us/sysinternals/bb842062
http://technet.microsoft.com/en-us/sysinternals/bb896653

BenInNY
Posted on January 5, 2012 at 7:18pm
What the… I swear this article wasn’t there just an hour ago, but it says it was from 12:53?