45,000 Facebook Logins Stolen, Could Spread Malware [News]

What do you do with a worm used for financial fraud when that gig starts to feel a little stale? You use it to steal Facebook logins and spam malware.

That’s what has happened in the case of Ramnit, a malicious worm that has been spreading via executable and HTML files since April of 2010 (yes, almost two years ago). Security firm Seculert recently noticed that it has begun to target Facebook users, stealing their login credentials. Most of the users targeted so far live in the United Kingdom and France.

While it’s impossible to know exactly why these logins were stolen, it’s fairly easy to guess. Compromised Facebook logins are an excellent way to spread malware or conduct phishing attacks. A simple wall post with a shortened URL can easily direct the friends of a compromised account to malicious websites. This can allow malware to spread or trick users into giving up personal information.

It’s also possible that victims with compromised accounts could have them used to grant access to other services. Many people use the same password for Facebook as they do for other sites including email and even online banking. In addition, most people list their employers on their profile, which opens up the possibility of attacks against governments and corporations.

Consider this a reminder that you shouldn’t use the same password for all your accounts. Also, it’s wise not to click through links on social networking sites without using a website or browser plugin that can reveal the link’s full URL, making it possible to verify that it goes where it claims.

Source: Ars Technica


MakeUseOf Recommends

Matt Smith

Matthew Smith is a freelance writer living in Portland Oregon. He also writes for Digital Trends and runs a gaming blog called The Skill Point. You can follow him on Twitter or .

The comments were closed because the article is more than 180 days old.

If you have any questions related to stuff mentioned in the article or need help with any computer issue, just ask it on MakeUseOf Answers.

Hide 5 Comments

  • Headlights January 8, 2012
    0 likes

    It is the major issue with internet security. Sometimes you just accidently click on the link without knowing it

    | Like
  • Lvl54spacemonkey January 8, 2012
    0 likes

    Is this sounding a little like the plot to Summer Wars to anyone else?

    | Like
  • Rosebud755 January 9, 2012
    0 likes

    what does a shorten url look lime i dont know please help. should u always log off facebook not stay logged in?

    | Like
  • Joel Lee January 9, 2012
    0 likes

    Sucks for the guys in the UK and France. I can see how this problem could spread like wildfire through Facebook — there are a lot of tech-unsavvy users on there. Let’s hope it doesn’t spread much more than this.

    | Like
  • Dannyfixit07 January 10, 2012
    0 likes

    Why don’t people just run around NAKED?!!  They will cover up that body of theirs (which usually does me NO good), but they lay bare EVERYTHING about their whole existence on FB and Google etc.   I can do more with their names, birth dates, passwords, emails, addresses, employers, love life, habits, yadda yadda yadda .  But, yet, as this article points out, they bare all to the world.  And that world includes the FB advertisers and Google cronies that suck up data all about you…. you specifically.  Security agreements from banks, insurance companies, credit cards etc are really meaningless, just like FB’s privacy.

    | Like