Security company Seculert has confirmed that a computer worm known as Ramnit has stolen the email addresses and passwords of 45,000 facebook users. The majority of affected users are in accounts from France and the UK.
The culprit – the malicious Ramnit worm – has been around since early 2010 and has previously stolen bank account details. Discovered by researchers at Seculert they commented:
“We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further.“
Seculert report that Ramnit had infected over 800,000 machines from September to December 2011. The sophisticated worm can infect executable Windows and html files; and most worryingly, most users will have no idea that it is even present within their machine. Once the Ramnit worm has acquired the login details on a facebook account, it has the ability to post messages – loaded with a malicious link – on the walls of the users friends.
Cybercrime increased exponentially in 2011 and this trend is due to continue in 2012, especially on social networking platforms. Cybercriminals are using ever more sophisticated malware to attack their victims, however there is a much greater requirement for individuals to be more proactive in their preventative action.
Cybercriminals are exploiting the fact that many users use the same login and password details for multiple accounts, including work and personal accounts. This increases the scope for cybercriminals when they acquire login credentials and places both individuals and businesses at greater risk.
2012 should be the year that individuals and businesses finally take ownership of their cyber security. It’s an unpleasant truth that cybercrime is growing and will potentially affect all of us at one time or another. The thing to do though is to understand how to mitigate against such cyber attacks, put in place measures against them and use the internet in a sensible way (for example don’t use the same login details for your facebook, bank account and work profiles!).
Source: Seculert & BBC News