07 January 2012

45,000 Facebook logins stolen by worm

NEW DELHI: Users of world's biggest social networking site Facebook face a big risk. According to security firm Seculert, a worm called Ramnit has recently started targeting Facebook accounts with considerable success, and has already stolen over 45,000 Facebook login credentials worldwide.

"Recently, our research lab identified a completely new 'financial' Ramnit variant aimed at stealing Facebook login credentials. Since the Ramnit Facebook C&C (Command & Control servers) URL is visible and accessible, it was fairly straightforward to detect that over 45,000 Facebook login credentials have been stolen worldwide, mostly from users in the United Kingdom and France," says Seculert in a blog post.

The security firm suspects that the attackers behind Ramnit are using the stolen credentials to log-in to victims' Facebook accounts and to transmit malicious links to their friends. In addition, cybercriminals are also believed to take advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks.

Microsoft Malware Protection Center (MMPC) described Ramnit, first discovered in April 2010, as "a multi-component malware family which infects Windows executable as well as HTML files", "stealing sensitive information such as stored FTP credentials and browser cookies."

In a report in July 2011, a Symantec report estimated that Ramnit worm variants accounted for 17.3 percent of all new malicious software infections.

No comments :

Post a Comment

Popular Posts