New Facebook malware threat – Ramnit

January 5, 2012 by
Filed under: Computer Security 

Security research company Seculert has been tracking a new variant of the Ramnit worm. The original Ramnit worm has been around for over a year and was designed to steal FTP credentials and cookies stored on your PC. The second version discovered in August of last year was set on obtaining your financial information such as bank logins and account number. Symantec stated in a PDF file last July that oproximatly 17.3% of machine infections could be traced to the Ramnit worm. Over the period of September to December 2011 they tracked the worm on over 800,000 machines. The worm has now taken on a new persona, it now is out to steal your Facebook credentials. If you open an infected Facebook page the worm will install itself on your system and then try to obtain your login credentials. Once it has your information the operators of the worm can hijack your Facebook page and setup Ramnit installation files so that visitors to your page will also get infected. Over 45,000 Facebook accounts have already been compromised but at this time they are mostly located in the United Kingdom and France. Facebook has been notified of the accounts that have been stolen.

The cybercriminals are also taking advantage of the fact that many users have the same password for Facebook that they use for Email, banking and corporate logins. If the attacker gets your email and password from one site they can just try other well traveled sites to see if they can login and steal your credit card information or even transfer funds from your bank account.

To protect yourself from this type of attack be sure to keep your operating system and antivirus updated, do not click on links that someone sends you if you do not know who they are ( and even then be careful ) and do not use the same password all multiple accounts.

Additional information about this treat can be found at the following links:

Facebook Twitter Email


Tell me what you're thinking...