The Ramnit worm steals more than 45,000 Facebook credentials

Facebook users ought to be more careful about their online security after the birth of the Ramnit worm. For the unknown, Ramnit was first discovered in April 2010 when the Microsoft Malware Protection Center (MMPC) described Ramnit as “Win32/Ramnit is a family of multi-component malware that infects Windows executable files, Microsoft Office files and HTML files. Win32/Ramnit spreads to removable drives, steals sensitive information such as saved FTP credentials and browser cookies. The malware may also open a backdoor to await instructions from a remote attacker.” More than 17.3 % of malicious software infections trace their origin to the Ramnit worm, according to Symantec.

However, that was not all. The Ramnit worm was successful in stealing Facebook credentials of more than 45000 users, mostly from France and the U.K. These stolen credentials were later used to spread malicious links to the profile’s Facebook friends, thus magnifying the reach of the malware by leaps and bounds. The cybercriminals behind this whole motive must have done a thorough research about the behavioral characteristics of online users who tend to use the same password for multiple accounts and services and this helped them to creep into various other corporate networks.

Though all the stolen credentials found on the Ramnit servers have been sent back to Facebook, but it does raise a question on online security and Facebook’s privacy options. More than 800,000 machines are said to be infected with Ramnit from September 2011 to December 2011. In August 2011, hackers behind Ramnit merged several financial-fraud spreading capabilities and created a “Hybrid creature” which was empowered by both the scale of the Ramnit infection and the ZeuS financial data-sniffing capabilities. This enabled Ramnit to bypass two-factor authentication and transaction signing systems, gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks.

How to stay safe on Facebook

  • Enable a firewall on your computer.
  • Get the latest computer updates for all your installed software.
  • Use up-to-date antivirus software.
  • Limit user privileges on the computer.
  • Use caution when opening attachments and accepting file transfers.
  • Use caution when clicking on links to web pages.
  • Avoid downloading pirated software.
  • Protect yourself against social engineering attacks.
  • Use strong passwords.

Go here if you need more Facebook Security Tips.

Stay active, stay safe!