Facebook users have a new threat to look out for. It's called the "Ramnit" worm, and it has compromised 45,000 user accounts.
According to Seculert Cyber Threat Management blog, Ramnit was discovered in 2010; the following year, the software was used by hackers to infect 800,000 computers and "gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks."
Now, Seculert researchers report, the worm is targeting Facebook users located primarily in the U.K. and France.
"We suspect that they use these [Facebook] credentials to continuously spread the Ramnit malware through Facebook," Co-founder and CTO of Seculert Aviv Raff told PCWorld. When hackers take control of a Facebook account, they can use the profile to spam other users with malicious links that further spread malware like Ramnit.
John Weinschenk, CEO at Cenzic security firm, expressed concerns that compromised Facebook credentials could lead to a rash of unauthorized online banking activities.
"Bank account numbers and Facebook log-in credentials seem very different, but to hackers, they are equally as lucrative," Weinschenk said in a statement emailed to The Huffington Post. "With Facebook credentials, hackers have the ability to propagate the malware, placing it on the Walls of thousands people who then spread it to others. Because many people use the same username and passwords on multiple websites, there’s also the added risk associated with hackers gaining additional access to other social networking websites, email accounts, and corporate networks."
Raff echoed similar thoughts about recycled passwords in his interview with PCWorld.
Facebook, however, says that Ramnit is not a growing threat to users. Fred Wolens, of the social network's Public Policy team, told The Huffington post that Facebook has been aware of the problem for a week and has taken steps to stop the worm in its tracks.
"Thus far, we have not seen the virus propagating on Facebook itself, but have begun working to add this virus to our current AV protections to help affected users secure their computer," Wolens wrote in an email.
He went on to say that the social network has been working to help restore compromised accounts.
"People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook. We encourage our users to become fans of the Facebook Security Page (www.facebook.com/security) for additional security information," Wolens also wrote.
Facebook is no stranger to hackers. Last year, the company hired infamous iPhone and PS3 jailbreaker George Hotz. On Wednesday, Facebook opened registration for its second annual Hacker Cup, where talented programmers from around the world will compete in a series of algorithm challenges to win a trip to Facebook HQ and, of course, the possibility of a job offer from the world's largest social network.
Take a look at the slideshow (below) for helpful tips and tricks that you can try if you suspect your Facebook credentials have fallen into the wrong hands. Read on to learn about the most common Facebook hacks, attacks and scams.
If you fell victim to a phishing scheme or another hack attack, it's likely that someone else has obtained your password and is using it to access your account. You'll need to change your login credentials ASAP. Visit Facebook's Account Settings to do this. Remember, don't reuse passwords on different accounts and the more complex the password, the safer you'll be.
If you believe someone has gained access to your Facebook profile and is posting unauthorized content in your name, Facebook's Roadblock tool can help verify your identity and secure your account against the spammer.
One of Facebook's new security features will implement a two-step login process the first time your account is accessed from an unfamiliar device. If you enable this feature, Facebook will send a verification text to your mobile device before allowing access from the new location. You can save or block the new device via your handset. If a foreign device fails to log in, Facebook will notify you when you next log in from one of your approved devices and will give you the option of resetting your password if you suspect foul play.
When you approve a normal app, you "allow" the app access to your profile, trusting that the developers will post only updates about your in-app activities. However, spammers will use this open door to take over your profile. If you fell for a rogue app and mistakenly clicked "Allow," or if you notice excessive activity on your account, you should edit your list of apps and remove any suspicious ones. To do this, open the drop-down box under your Account tab, click "Privacy Settings" and find the "Apps and Websites" settings management tool (at the bottom of the page). This tool will help you manage your apps and the kind of information they can access. Your Apps Page lets you turn off all platform apps or remove/edit each app individually. It's a good idea to use this tool every now and again, since apps tend to pile up over time.
As soon as you can, delete spammy posts from your wall and Facebook inbox. The fewer there are, the less likely you or your friends will be to click on them.
If you were tricked into "Liking" a scam, you'll need to edit your interests on your profile and remove any links to spam sites you may have acquired.
If you suspect your account has been compromised, you can alert Facebook through several channels. To report privacy breaches, you can direct reports to firstname.lastname@example.org. If a scammer gained access to your account password via phishing attack, you can fill out Facebook's phishing report. Facebook also provides a separate form for reporting a malicious link or website.
Facebook recommends that you scan your computer hard drive for malicious software that could potentially tap into your profile again. If you don't have an antivirus app, Facebook suggests using a free trial of McAfee.
If you've entered a line of malicious code into your browser and believe that someone has taken control of your profile and is in the process of spamming your friends, log out of Facebook to stop the attack. One of Facebook's new security features may also notify you of suspicious activity on your account, such as excessive "Likes" or posts.