A nasty bit of malware making the rounds on Facebook has reportedly made off with the usernames and passwords of more than 45,000 users. The worm, dubbed Ramnit, has the ability to infect Windows, Microsoft Office and HTML files, say the experts at McAfee.
Security researchers at a company called Seculert issued a bulletin about Ramnit, saying that it mostly affects users from France and the United Kingdom, according to CNET.
“We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further,” Securlet said in its bulletin. “In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks.”
This isn’t the first instance of Ramnit’s thievery — in April 2010 it reportedly stole FTP credentials and browser cookies. Then in August 2011, CNET says its developers borrowed source code and “went financial,” gaining access to financial institutions, corporate networks and online banking sessions. It reportedly infected 800,000 machines between September 2011 and the end of the year.
Facebook has been notified with a list of the stolen credentials found on Ramnit’s server. If you are worried your information has been compromised, it’s good to change your password often. For more security tips, check out our benevolent benefactors over at Consumer Reports for a guide to online security and computer security software.