Pinterest Stumbleupon Whatsapp

What do you do with a worm used for financial fraud when that gig starts to feel a little stale? You use it to steal Facebook logins and spam malware.

That’s what has happened in the case of Ramnit, a malicious worm that has been spreading via executable and HTML files since April of 2010 (yes, almost two years ago). Security firm Seculert recently noticed that it has begun to target Facebook users, stealing their login credentials. Most of the users targeted so far live in the United Kingdom and France.

While it’s impossible to know exactly why these logins were stolen, it’s fairly easy to guess. Compromised Facebook logins are an excellent way to spread malware or conduct phishing attacks. A simple wall post with a shortened URL 10 Short URL Services Face Off! 10 Short URL Services Face Off! Read More can easily direct the friends of a compromised account to malicious websites. This can allow malware to spread or trick users into giving up personal information.

It’s also possible that victims with compromised accounts could have them used to grant access to other services. Many people use the same password for Facebook as they do for other sites including email and even online banking. In addition, most people list their employers on their profile, which opens up the possibility of attacks against governments and corporations.

Consider this a reminder that you shouldn’t use the same password for all your accounts. Also, it’s wise not to click through links on social networking sites without using a website or browser plugin that can reveal the link’s full URL, making it possible to verify that it goes where it claims.


Source: Ars Technica

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Dannyfixit07
    January 10, 2012 at 3:47 pm

    Why don't people just run around NAKED?!!  They will cover up that body of theirs (which usually does me NO good), but they lay bare EVERYTHING about their whole existence on FB and Google etc.   I can do more with their names, birth dates, passwords, emails, addresses, employers, love life, habits, yadda yadda yadda .  But, yet, as this article points out, they bare all to the world.  And that world includes the FB advertisers and Google cronies that suck up data all about you.... you specifically.  Security agreements from banks, insurance companies, credit cards etc are really meaningless, just like FB's privacy.

  2. Joel Lee
    January 9, 2012 at 7:00 am

    Sucks for the guys in the UK and France. I can see how this problem could spread like wildfire through Facebook -- there are a lot of tech-unsavvy users on there. Let's hope it doesn't spread much more than this.

  3. Rosebud755
    January 9, 2012 at 3:06 am

    what does a shorten url look lime i dont know please help. should u always log off facebook not stay logged in?

  4. Lvl54spacemonkey
    January 8, 2012 at 10:40 pm

    Is this sounding a little like the plot to Summer Wars to anyone else?

  5. Headlights
    January 8, 2012 at 8:55 pm

    It is the major issue with internet security. Sometimes you just accidently click on the link without knowing it