Facebook Worm-eaten? 45,000 in U.K. and France Would Say “Yes”…
…or “Oui.” Security firm, Seculert, whose lab discovered it, reported that a computer worm stole 45,000 login credentials from Facebook accounts in the U.K. and France.
According to a BBC report, the malware that wormed its way into the heart of 45,000 Facebook accounts was named Ramnit, which has been around since April 2010 and previously gained notoriety for stealing banking details.
The BBC quotes Seculert researchers as saying, “We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread….
“In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks.”
Like Willie Sutton who said he robbed banks because “that’s where the money is.” (Okay, it was a newspaper reporter trying to spice up a story and not the famous bank robber who said it. Just this week, California’s Governor, Jerry Brown used the quote with an erroneous attribution to Sutton). But, we digress. The point is social networks have become major hacking targets because that’s where so much personal information is stored by users who believe social networks are safe.
Seculert, which says some 800,000 machines were infected with Ramnit between September and the end of December 2011, notes, “It appears that sophisticated hackers are now experimenting with replacing the old-school email worms with more up-to-date social network worms.”
Ramnit was defined by Microsoft’s Malware Protection Center (MMPC) as “a multi-component malware family which infects Windows executable as well as HTML files… stealing sensitive information such as stored FTP credentials and browser cookies.” Symantec estimated that Ramnit worm variants accounted for fully 17.3% of all new malicious software infections.
Facebook users were advised to run anti-virus software if they were concerned that they have been affected. However, Graham Cluley, senior security consultant at Sophos observed, “It won’t necessarily be obvious that you have been attacked. The worm is stealing passwords so it is not going to announce itself.”
To be effective a solution has to catch and kill worms before they can burrow deep into a social network’s most vital asset — its users. ThreatMetrix™ provides solutions that do just that for both social networks and financial services, e-commerce, government, and healthcare. ThreatMetrix offers a variety of solutions that protect customer data and ensure secure transactions against fraud, malware, data breaches, as well as man-in-the browser (MitB) and Trojan attacks.
