Everyone’s going social, we all have several social networking accounts, our parents (and even pets) have Facebook accounts, businesses are going social, and now, it’s malware’s turn to go social. It’s been recently reported that Ramnit, a “multi-component malware family which infects Windows executable as well as HTML files”, has stolen over 45,000 Facebook login credentials.
The bug is not new, it was first discovered in 2010 as a malware that steals sensitive information. In August 2011, the worm evolved and merged with several financial-fraud and became a “hybrid creature” that targeted financial information. According to Seculert, the latest Ramnit is now aiming at stealing Facebook login credentials in hopes of accessing other sites using the same credential (even more reason for you to stop reusing your passwords).
The malware is said to attack a specific account, log into it and transmit malicious links to friends of that account, making it spread even faster. However, before you start panicking, be glad to know that majority of compromised accounts are users who reside in UK and France, but it doesn’t hurt to practice better password habit and maybe just change them once in a while. For attacks like such, you‘re not only putting yourself at risk, but you might be getting your friends infected as well.