More

HuffPost Social Reading

Facebook Ramnit Worm Swipes 45,000 Usernames, Passwords

Facebook Ramnit

The Huffington Post   First Posted: 01/ 5/2012 3:28 pm Updated: 01/ 5/2012 4:01 pm

Inspiring
 Funny
 Obsolete
 Scary
 Must-Have
 Amazing
 Innovative
 Nerdy

Facebook users have a new threat to look out for. It's called the "Ramnit" worm, and it has compromised 45,000 user accounts.

According to Seculert Cyber Threat Management blog, Ramnit was discovered in 2010; the following year, the software was used by hackers to infect 800,000 computers and "gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks."

Now, Seculert researchers report, the worm is targeting Facebook users located primarily in the U.K. and France.

"We suspect that they use these [Facebook] credentials to continuously spread the Ramnit malware through Facebook," Co-founder and CTO of Seculert Aviv Raff told PCWorld. When hackers take control of a Facebook account, they can use the profile to spam other users with malicious links that further spread malware like Ramnit.

John Weinschenk, CEO at Cenzic security firm, expressed concerns that compromised Facebook credentials could lead to a rash of unauthorized online banking activities.

"Bank account numbers and Facebook log-in credentials seem very different, but to hackers, they are equally as lucrative," Weinschenk said in a statement emailed to The Huffington Post. "With Facebook credentials, hackers have the ability to propagate the malware, placing it on the Walls of thousands people who then spread it to others. Because many people use the same username and passwords on multiple websites, there’s also the added risk associated with hackers gaining additional access to other social networking websites, email accounts, and corporate networks."

Raff echoed similar thoughts about recycled passwords in his interview with PCWorld.

Facebook, however, says that Ramnit is not a growing threat to users. Fred Wolens, of the social network's Public Policy team, told The Huffington post that Facebook has been aware of the problem for a week and has taken steps to stop the worm in its tracks.

"Thus far, we have not seen the virus propagating on Facebook itself, but have begun working to add this virus to our current AV protections to help affected users secure their computer," Wolens wrote in an email.

He went on to say that the social network has been working to help restore compromised accounts.

"People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook. We encourage our users to become fans of the Facebook Security Page (www.facebook.com/security) for additional security information," Wolens also wrote.

Facebook is no stranger to hackers. Last year, the company hired infamous iPhone and PS3 jailbreaker George Hotz. On Wednesday, Facebook opened registration for its second annual Hacker Cup, where talented programmers from around the world will compete in a series of algorithm challenges to win a trip to Facebook HQ and, of course, the possibility of a job offer from the world's largest social network.

Take a look at the slideshow (below) for helpful tips and tricks that you can try if you suspect your Facebook credentials have fallen into the wrong hands. Read on to learn about the most common Facebook hacks, attacks and scams.

Change Your Password
1  of  10
PLAY
FULLSCREEN
ZOOM
SHARE THIS SLIDE 
If you fell victim to a phishing scheme or another hack attack, it's likely that someone else has obtained your password and is using it to access your account. You'll need to change your login credentials ASAP. Visit Facebook's Account Settings to do this. Remember, don't reuse passwords on different accounts and the more complex the password, the safer you'll be.
MORE SLIDESHOWS NEXT >   |   < PREV

Also on HuffPost:

FOLLOW HUFFPOST TECH

Facebook users have a new threat to look out for. It's called the "Ramnit" worm, and it has compromised 45,000 user accounts. According to Seculert Cyber Threat Management blog, Ramnit was discover...
Facebook users have a new threat to look out for. It's called the "Ramnit" worm, and it has compromised 45,000 user accounts. According to Seculert Cyber Threat Management blog, Ramnit was discover...
Related News On Huffington Post:
 

Read more from Huffington Post bloggers:
Gene Marks

Gene Marks: Prospective Employees: Please Show Me Your Facebook Page

When someone applies to work at my company, I want to see what they're up to on Facebook.

More in Technology...


 
 
  • Comments
  • 36
  • Pending Comments
  • 0
  • View FAQ
Post Comment Preview Comment
To reply to a Comment: Click "Reply" at the bottom of the comment; after being approved your comment will appear directly underneath the comment you replied to.
View All
Favorites
Recency  | 
Popularity
photo
Kay Equality Patton
41 Fans
08:33 AM on 01/27/2012
Has anyone seen on your wall what seems to be a video blurred of naked women. It showed up on my wall 2 days ago as me tagged on it and now I see it spreading across friends walls? But no one seems to be saying anything I keep deleting it.
Permalink  |
moiraz
4 Fans
02:27 PM on 01/12/2012
What bugs me about some of these sites (and Facebook) is the worst is that several of them say my password is wrong so I change it. Then I go in again and that one is said to be wrong. I can't post on some anyway yet people post on my Facebook page (well, it' s got my name on it!) and I can't.
So, I end up mostly watching videos on my expensive computer.
Permalink  |
photo
Robert Wm Ruedisueli
7 Fans
12:00 AM on 01/08/2012
Some worms only steal your session, so you should presume both your session and password are compromised, so change your password, and force a logout.
Permalink  |
photo
HUFFPOST SUPER USER
elicourey
It takes a nation of millions to hold me back!
219 Fans
 
09:00 AM on 01/07/2012
Luckily, Mac users aren't affected.
Permalink  |
NevaforLeadership
679 Fans
03:24 PM on 01/06/2012
I dropped Facebook ages ago. Didn't like the teenagers banging at my door. LinkedIn is far more professional, engaging and productive.
Permalink  |
HUFFPOST SUPER USER
wstepp2250
22 Fans
11:54 AM on 01/06/2012
Lets Face reality Ladies and Gentlemen, the same people who design the programs or write the programs we use Daily are connected in some way. When the Companies believe you're using one of their Programs and some swollen Brain Employee thinks for some stupid reason like unregistered with the Company that it is an Illegal Program they make use of a Virus attacks your Computer in some way. The main problem is when registering the Companies ask for so much personal Information there are times I refuse to complete the Forms and suggest a later filling. Too many people working for High Tech Companies have learned to play Games because they enjoy being in charge of something. 3 rd. World Styling, Give the employee a Bundle of Keys and you own the Clown.
Permalink  |
Jennyeezd
0 Fans
10:50 PM on 01/05/2012
I have not become a part of facebook yet since our website is fairly new and we are still in the stages of organizing, adding, and perfecting our content/programs and structure. However, my suggestion is to open a whole new email account, which isn't connected to any of your other email accounts, using a whole new password in which you have never used before. Only use this email account for Facebook purposes only, nothing else, and do this before you create your Facebook account. I have recently created a Facebook account to assist in my future promotions on Facebook, but have not yet started using it. Believe me, this makes a huge difference and gives you maximum control over your privacy and who you want or What you want to find you and your personal information, ect.... :-) All the privacy settings are a huge plus to Facebook, but this helps even more ;-)
Permalink  |
photo
HUFFPOST COMMUNITY MODERATOR
Op2mystic1
Life is short, let me live mine
581 Fans
07:41 AM on 01/06/2012
Great advice for people to follow. I've had several email accounts over the years that are used for different things. Safe and secure internet usage is how all should think. Hopefully the grandkids had learned from me also.
Permalink  |
photo
instasiter
0 Fans
 
10:50 PM on 01/05/2012
It would be something if Facebook actually had any customer service to deal with these issues instead of hearing about their 'response' in the tech media.

How does the would biggest website have zero customer service yet prepare for IPO?
Permalink  |
HUFFPOST SUPER USER
ChiKevin
132 Fans
09:22 AM on 01/06/2012
You answered your own question: It is the biggest website. Obviously customer service is not a necessary investment for the offering to remain desirable.
Permalink  |
photo
HUFFPOST COMMUNITY MODERATOR
J0E1
Phil Hill 2012
680 Fans
05:51 PM on 01/05/2012
I refuse to believe cryptic messages from friends with links to awesome videos and apps are malicious.
Permalink  |
photo
HUFFPOST SUPER USER
Desolati0n
I am the freshest wizard ever.
30 Fans
 
08:00 AM on 01/06/2012
The funniest part is when you have friend who always spells things SOOOO incredibly wrong, and the grammar used is even good for them.
Permalink  |
photo
HUFFPOST SUPER USER
Monroe Park
I'm your hero.
430 Fans
11:13 AM on 01/06/2012
Speaking of which I see some thing like this right now. Let me just check it ou-

tuo otU

2 l ?+Ɉ+_P

ə eɤ

ƾ

əə

>,

8
Permalink  |
CimmerianX
42 Fans
05:46 PM on 01/05/2012
This is nothing new to us in IT. Just a new way to get infected.

Don't recycle passwords, use a different password for each site.
Don't sign into services at 'open' wifi spots. I can steal your id/pass or just hijack an http session.
Use any of the Free Antivirus on your PC. AVG, Avast, etc...
Use any Free Malware check apps, Malware Bytes is a great one.
Use a hosts file parasite blocker. Spybot S&D has an immunize feature which is great.
Don't use Internet Explorer, use a secure browser, chrome, opera, firefox....
With firefox, use ad block plus, LSO blocker, and ghostery to stop ads and cookies you don't want.

Do regular AV scans
Do regular Malware scans
Don't Run any executable from sites you don't trust (yes including downloads from torrent)

Don't post anything in Facebook you don't want the world to know about. Better yet, do not use any 3rd party service or cloud service top hold your personal records.
Permalink  |
This user has chosen to opt out of the Badges program
poster1122
117 Fans
05:59 PM on 01/05/2012
Don't recycle passwords, use a different password for each site.

Good advice in principle, but impractical for most people who visit a lot of different sites. More practical is to separate your email passwords from your password(s) for sites that you do business on. If I get your email password from a commercial site that has poor security, in most cases, I can probably use your email to retrieve or reset your password(s) from the other commercial sites anyway by claiming to have forgotten my password. So having separate passwords for commercial sites is really not that strong a layer of protection to begin with.
Permalink  |
photo
PenguinLinux
got root ?
130 Fans
06:37 PM on 01/05/2012
Use Firefox with Secure Login, Session Manager and XMarks. Problem solved as far as remembering them goes. If you want to back them up, install Password Exporter and then encrypt the exported file in a zip archive with a password to unzip it.
Permalink  |
photo
PenguinLinux
got root ?
130 Fans
06:43 PM on 01/05/2012
I recommend the following Firefox extensions to be installed and properly configured:

adblock plus
better privacy
checkplaces
colusion
colorful tabs
domain details
febe
flagfox
flash killer
flashblock
ghostery
link checker
newtaburl
noredirect
noscript
optimizegoogle
password exporter
privacychoice tracker
ramback
reloadevery
remove it permanantly
resurrect pages
righttoclick
searchpreview
secure login
session manager
siphon
spamavert.com
statusbarex
trackmenot
unplug
user agent switcher
wot
Permalink  |
ordaj
7 Fans
06:14 PM on 01/05/2012
Tired of babysitting the PC.
Permalink  |
photo
HUFFPOST SUPER USER
sensimilla
You are not your body
824 Fans
11:54 AM on 01/06/2012
don't worry, macs are getting infected now too..funs stuff!
Permalink  |
photo
SanguinesDream
19 Fans
05:39 PM on 01/05/2012
Not only change passwords but have different passwords for every different application.
Permalink  |
photo
HUFFPOST SUPER USER
karen lyons kalmenson
i poem/paint, sometimes, i ain't
1126 Fans
05:29 PM on 01/05/2012
slammit ramnit
go find another
planet
:(
Permalink  |
photo
Neotenous1
122 Fans
 
05:17 PM on 01/05/2012
Time to change your password (again). I just did :-)
Permalink  |
This user has chosen to opt out of the Badges program
photo
cuoi
The obstacle is the path
804 Fans
11:29 AM on 01/06/2012
What is your new password?
Permalink  |
photo
LLNYRN
67 Fans
12:44 PM on 01/06/2012
LOL
Permalink  |
HUFFPOST SUPER USER
gemini68
558 Fans
01:54 PM on 01/06/2012
password - LOL!
Permalink  |
photo
HUFFPOST SUPER USER
Jeff MacDonald
Rights and privileges are not the same.
500 Fans
05:16 PM on 01/05/2012
So that's where all my money went! I was wondering.
Permalink  |
photo
HUFFPOST SUPER USER
Jeff MacDonald
Rights and privileges are not the same.
500 Fans
05:18 PM on 01/05/2012
Damn Ramnit!
Permalink  |