Facebook locks down 45,000 accounts to block Ramnit worm

6 Jan 2012

Facebook has locked down 45,000 accounts infected by a new strain of the Ramnit worm that was recently adapted to enable cyber crime gangs to target Facebook details as a means of accessing other information such as online banking credentials.

While Ramnit has been in existence since 2010, the new strain was discovered in recent weeks.

Worms spread rapidly online because unlike traditional viruses they can reproduce without needing to attach themselves to existing programmes.

A Facebook spokesperson confirmed that affected accounts have been locked down.

Facebook lock-down

Account activity is locked down until users pass through a specific roadblock that requires them to reset their password.

The spokesman said that the majority of information accessed by the worm was out of date so attempts to compromise useres’ accounts would not have been a success.

“Last week we received from external security researchers a set of user credentials that had been harvested by a piece of malware,” the spokesperson said.
“Our security experts have reviewed the data, and while the majority of the information was out-of-date, we have initiated remedial steps for all affected users to ensure the security of their accounts.

“Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our anti-virus systems to help users secure their devices.

“People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook,” the spokesperson said.

The spokesperson advises users to become fans of the Facebook Security Page – http://www.facebook.com/security – to keep up to date on the latest threats.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years