Gateway Merseyside on Worm Stealing 45,000 Facebook Passwords

Feb. 1, 2012 - PRLog -- Source: http://www.bbc.co.uk/news/technology-16426824
A computer worm has stolen 45,000 login credentials from Facebook, security experts have warned. Gateway Merseyside, a Liverpool based marketing company stated the situation is “very alarming”.
The data is believed to have been taken largely from Facebook accounts in the UK and France. Facebook told the BBC that it was looking into the issue. The latest iteration of the worm was discovered in Seculert's labs.
"We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," said the researchers on the firm's blog. "In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks," it added.
A source at Gateway Merseyside stated “It is very important that this is fixed right away, the longer it is active, and the more users will be affected”. Social networks offer rich pickings for hackers because of the huge amount of personal data that is stored on them. Increasingly malware is being updated for the social networking age.
"It appears that sophisticated hackers are now experimenting with replacing the old-school email worms with more up-to-date social network worms. As demonstrated by the 45,000 compromised Facebook subscribers, the viral power of social networks can be manipulated to cause considerable damage to individuals and institutions when it is in the wrong hands," said Seculert. According to Seculert, 800,000 machines were infected with Ramnit from September to the end of December 2011.
“These figures are very alarming” says Gateway Merseyside, “They may think it’s just a bit of harmless fun but that couldn’t be further from the truth”.
Microsoft's Malware Protection Center (MMPC) described Ramnit as "a multi-component malware family which infects Windows executable as well as HTML files... stealing sensitive information such as stored FTP credentials and browser cookies". In July 2011 a Symantec report estimated that Ramnit worm variants accounted for 17.3% of all new malicious software infections. For Facebook users concerned that they have been affected by the worm, the advice is to run anti-virus software.
Last week, Facebook received from external security researchers a set of user credentials that had been harvested by a piece of malware. Their security experts reviewed data they had received, and while the majority of the information was out-of-date, they have initiated remedial steps for all affected users to ensure the security of their accounts.
Gateway Merseyside concludes “Hopefully the end is in sight”.