According to security firm Seculert, the Ramnit worm that normally goes after financial institutions has now decided to go after Facebook users and has recently compromised over 45,000 Facebook logins. The Ramnit worm goes back to April of 2010 and is the type of malware that infects Windows executable and HTML files and steals information such as stored names and passwords.Back in July Ramnit was responsible for 17% of all new malicious software infections.
But recently, Ramnit has decided to go after Facebook's 800 million users and manged to compromise 45,000 accounts. Of these 45,000 accounts, around 69% were from U.K. users, 27% were from French users and the other 4% were from other countries. Facebook has said most of the login credentials were outdated, but it was still notifying the affected users.
"We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," Seculert said.
Facebook has since warned users against clicking on suspicious links and to report any abnormal activity.