If you are a Facebook user in the United Kingdom or in France, then it’s time to change your account password. The infamous Ramnit worm, which earlier was used to gain access to financial credentials, is now targeting users on Facebook. Reports indicate that the worm was first detected 18 months ago, and is now continuing to evolve on the social networking giant.
According to researchers at the Israeli firm Seculert, a variant of Ramnit was found and has managed to steal over 45,000 Facebook users’ credentials, mostly in the United Kingdom and France, and infected over 800,000 systems from September to December 2011.
Ramnit a is malware program that is designed to attack Windows executable files (.exe files), MS Office, and HTML documents. The malware is used to steal sensitive information such as user names, passwords, FTP credentials, and browser cookies. The malware program can “bypass two-factor authentication and transaction signing systems, gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks,” Seculert wrote in a blog post Thursday.
Hackers are posting scam messages with links to bogus sites to spread the malware program. When users visit an infected web page, malware programs are automatically downloaded on the user’s computer, which gathers all the required information, like login credentials and saved passwords. The credentials are then accessed by the hackers to compromise users’ accounts. Once the victim’s account is compromised, it is suspected that the Ramnit download link is posted on the Facebook Timeline.
We at Techie Buzz have warned our readers several times on scams spreading on Facebook, and have also provided tips on how to identify and avoid clicking scam links on Facebook. Facebook has recently added two new security features – Trusted Friends and Application Passwords – which are intended to keep your account secured and keep hackers at bay.
As a precautionary measure, always check which applications you use and remove unwanted or suspicious ones. If you are not sure how to do it, you can always check our guide on - removing apps from Facebook. In addition to that, don’t forget to check out our article about - Avoiding Facebook Lifejacking and Clickjacking scams.