Facebook has been marred by another security hoax. The worm Ramnit was detected two years ago and has already done with passwords of 45,000 of their members.
The danger of Ramnit is that is can not only figure out thousands of people using the social network which has a remarkable following of 800 million users. The worm can also infect Windows executable files, Microsoft Office and HTML files, as reported by
the security company McAfee.
"Recently, our research lab identified a completely new ‘financial’ Ramnit variant aimed at stealing Facebook login credentials. Since the Ramnit Facebook C&C URL is visible and accessible it was fairly straightforward to detect that over 45,000 Facebook
login credentials have been stolen worldwide, mostly from users in the United Kingdom and France," it said.
The worm was first discovered in April 2010. In August last year it returned to haunt financial market, penetrating remote corporate networks. About 800,000 machines were infected between September and December.
Symantec estimated last year that the various versions of Ramnit were responsible for 17.3% of malware attacks.
Another company, Trusteer, stated in August 2011 that the virus makers have made ??a combination with another digital pathogen source, Zeus, making it effectively more dangerous.
It is not the first time the Facebook has been attacked by a virus. Koobface, attacked Facebook and MySpace in 2008. The method of spreading the virus was through a message to encourage other members to a supposedly link to a page where videos could be seen.
"We suspect that the attackers behind Ramnit are using the stolen credentials to log into victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further," Securlert Cyber Threat Management
said in a blog post.
"In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks."