Ramnit Virus is Targeting Facebook Users – Is Your Account Infected?
A Facebook worm has attacked more than 45,000 accounts and compromised login data, mainly in France and Britain. Called Ramnit, the worm was first discovered over two years ago, and was recently re-engineered to steal login credentials.
It could have been developed to add users illegally to corporate Facebook accounts or to gain access to corporate Facebook pages. As of now, it's unknown just what purpose Ramnit serves, but it's clear that its damage has been widespread.
In a statement to the press, Facebook was quick to point out that the virus spreads across computers, not across the actual Facebook platform. "Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our anti-virus systems to help users secure their devices,” a Facebook spokesperson said in a statement.
Facebook has also said that much of the login information stolen was out-of-date. "Over half of these logins were either invalid or had old/expired passwords,” a Facebook spokesperson said in a statement.
Even though it seems the virus has been semi-contained, I still recommend running anti-virus software if anything on your Facebook account looks fishy – like new friends added or spammy links where there should be none.
Figure 2: Ramnit.C Facebook Infection Distribution By Country
Here's a statement from Seculert: