Facebook Down: Worm Steals Login Info of 45K, How to Protect Your Account

According to Israeli security management Web site Seculert, a Ramnit virus stole the login data for 45,000 Facebook users in the United Kingdom and France.

Recently, our research lab identified a completely new 'financial' Ramnit variant aimed at stealing Facebook login credentials. Since the Ramnit Facebook C&C URL is visible and accessible it was fairly straightforward to detect that over 45,000 Facebook login credentials have been stolen worldwide, mostly from users in the United Kingdom and France, Seculert said on its company Web site.

The stolen credentials were used to spread the virus to other friends and to even attack the victim's other web-based services, as many users use the same passwords for other services like their e-mail accounts and other social media sites.

According to Microsoft, the Ramnit virus is a multi-component malware family which infects Windows executable as well as HTML files in addition to stealing stored FTP credentials and cookies from Web browsing.

Ramnit, according to PC World, is a two-year-old worm that has become more of a threat since it recently began to use borrowed code from malware Zeus, infecting about 800,000 machines worldwide in the past few months.

Seculert said it gave all pertinent data regarding the Ramnit virus to Facebook, including all stolen credentials found on the servers.

Our security experts have reviewed the data, and while the majority of the information was out of date, we have initiated remedial steps for all affected users to ensure the security of their accounts, a Facebook representative told ZD Net.

Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our antivirus systems to help users secure their devices.

While social networks have the power to virally transfer information and communicate with others on a large scale, viruses can spread just as fast as sending a simple Hello to a friend. So how do you protect yourself and secure yourself from harmful viruses like the Ramnit, which anti-virus software Symantec reported accounted for 17.3 of all malicious software infections?

Facebook said while the social networking Web site is currently adding additional antivirus software protection, users should never click on any strange links or tagged posts from untrusted sources. Facebook also recommended reporting suspicious activity directly to Facebook security and to join the Facebook Security page for the most up-to-date security updates about potential threats and viruses.

Also, Web users should be reminded to vary passwords, rather than having the same password for all Web services, and changing them frequently.