Facebook on Sunday acted quickly to stop the spread of the Ramnit worm by temporarily shutting down 45,000 Facebook accounts.
Ramnit originally debuted in April 2010 but just recently made it’s way onto the world’s largest social network. Once infected a users login details can be captured and malicious links posted to their Facebook wall.
Recognizing the severity of the worm an Israel computer firm said on its blog:
“It was fairly straightforward to detect that over 45,000 Facebook login credentials have been stolen worldwide, mostly from users in the United Kingdom and France.”
The firm continued:
“We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further,” the firm said.
Users with stolen information could potentially find their private information on the black market which is one of the reasons Facebook acted quickly to remove account access for affected accounts.
Facebook acknowledged the worm which they say was discovered last week by the security firm.
According to Facebook:
“Our security experts have reviewed the data, and while the majority of the information was out-of-date, we have initiated remedial steps for all affected users to ensure the security of their accounts.
“Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our anti-virus systems to help users secure their devices.”
Facebook would like users to avoid clicking on strange links and report any potentially dangerous activity.