Worm steals 45,000 Facebook passwords, researchers say

Worm steals 45,000 Facebook passwords, researchers say

www.bbc.co.uk

A computer worm has stolen 45,000 login credentials from Facebook, security experts have warned.

The data is believed to have been taken largely from Facebook accounts in the UK and France, according to security firm Seculert.

The culprit is a well-known piece of malware - dubbed Ramnit - which has been around since April 2010 and has previously stolen banking details.

(visit the link for the full news article)


Related News Links:
www.readwriteweb.com
www.net-security.org

The article goes on to say :

The latest iteration of the worm was discovered in the labs of security firm Seculert.

"We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," said the researchers on the firm's blog.

"In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks," it added.

From readitontheweb :

Once Ramnit joined forces with the leaked ZeuS source-code in May, the Seculert blog says it became a "Hybrid creature." That is, it took on ZeuS' financial-data investigative nature and gained access to financial institutions. As a result, it compromised online banking sessions and also attacked a few corporate networks. The Ramnit worm burrows through Facebook, spreading malware to the walls of thousands of innocent Facebook users.

As if these wasn't enough reasons to stay away from Facebook it looks like we have a really nasty malware problem going on here. Im not quite sure what the ultimate end goal for this worm is but its not going to be good. At the moment it just seems the makers are just trying to spread it about as much as possible but seeing as its been used to steal banking details in the past this is not something you want to come in contact with.

Seems like privacy concerns on face book keep getting bigger every day. At least with your own computer at home you can go to great lengths to be as secure as possible but everyone one face book has the same few basic levels of security. So in the end on Facebook you are only ever really as secure as facebooks own security measures.

www.bbc.co.uk
(visit the link for the full news article)

Originally posted by PhoenixOD

From readitontheweb :

Once Ramnit joined forces with the leaked ZeuS source-code in May, the Seculert blog says it became a "Hybrid creature." That is, it took on ZeuS' financial-data investigative nature and gained access to financial institutions. As a result, it compromised online banking sessions and also attacked a few corporate networks. The Ramnit worm burrows through Facebook, spreading malware to the walls of th

this is aaa grade stuff, hybrid ..um joining...its what one would say and describe as artificial intelligence. Its simply cannot stop or be deleted throughout the net. Learn to live with it, embrace it, cuddle it.

reply to post by PhoenixOD


glad the novelty wore off on me long ago..woo hoo

i don't know about you guys but what harm can a facebook worm do? the worst i can imagine is that your profile will be spammed with your own posts saying " I love Mudkipz"

reply to post by ZeroUnlmtd

I thought the risk was explained earlier in the thread about how people use the same PW for their facebook account as their corporate network, so the cybercriminals can break into the corporate network of the employer of the person in the hacked facebook account.

That's plausible, I only use about 10 passwords for over 50 different accounts online so I tend to re-use mine to some extent, which I guess I really shouldn't... though I will say I never used my corporate access password elsewhere for precisely this reason, but I suspect some people do.

This isnt anything new, I mean these worms have been around since early 2010 and many businesses do not inform their customers unless a credit card details has been stolen.

They're just trying to take down facebook. I aint mad at em.

I use a ridiculously long password btw.

reply to post by LightWarrior11

Once they steal it, it's just as easy to copy and paste a 100 character password as it is a 6 character password, so password length won't matter in this context.

A long password is good as a general security measure but when a worm steals the password it's no better than a short one.

Also, cybercriminals have other priorities besides taking down facebook. They want things like, your corporate secrets, and the money from your bank accounts.

That's why I have like 5 different passwords I use, they are crazy passwords too some you would never think of and I have them memorized like the word "dog" lol For instance here is a good password: day771nightz284

reply to post by Evanzsayz


Thats not bad but if you want to be very secure you should think about using a pass 'phrase' instead of a password.

Like:

YouWantTheTruth?YouCantHandleTheTruth!

Can someone tell me why people still use Facebook?
It has been confirmed that they used to track websites you visited, was hacked multiple times, one of those times hardcore porn and gore was posted, and now passwords are being stolen.
Huh, they called me stupid for not getting a Facebook.

reply to post by insanedr4gon


More than 800 million active users, so 45K p/w is a drop in the ocean if you really sit down and think about it, besides that, many businesses do generate indirect revenue due to facebook. Its simply a tool, when used smart enough it will generate revenue.