Worm steals 45,000 Facebook login credentials, infects victims' friends

Discussion in 'malware problems & news' started by ronjor, Jan 5, 2012.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    http://arstechnica.com/business/new...login-credentials-infects-victims-friends.ars
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    45k sounds massive. But in perspective I think that's like 0.1% of Facebook users?
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    If I were one of the 0.1%, I wouldn't be happy.
     
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Last edited: Jan 9, 2012
  5. wat0114

    wat0114 Guest

    45000 will be far less than that...

     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Wow... that's a lot of compromised accounts :/
     
  7. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    839
    Location:
    Québec, Canada
    Thanks.
    Took the opportunity to change my password there...
     
  8. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Yet another reason (as if I needed another one) I have never nor will I ever have Facebook. :thumbd:
     
  9. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Neither will I. They call it a private life for a reason.
     
  10. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,014
    Location:
    Ontario, Canada
    Same here I feel no need for such a thing! :thumb:

    TH
     
  11. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    I don't believe the original intention of this post was to discredit Facebook. :ouch:
     
  12. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    No, but the fact is using such services opens you up to problems like this. If I'm a criminal looking for information on my target or data in general, Facebook will be one of the first if not the first stops I make.
     
  13. k0nsl

    k0nsl Registered Member

    Joined:
    Mar 23, 2004
    Posts:
    13
    That is, in as far as today's open society is concerned, a basic truism.

    Faithfully,
    -k0nsl
     
  14. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Facewhat? :shifty:
     
  15. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Ditto to the never did or ever will use facebook.
     
  16. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    And probably will be easy to get what you are looking for,if you where a criminal.
     
  17. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Extremely easy.
     
  18. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    I agree. I have often expressed a similar opinion to people I know, including work colleagues, family & the like, only to be told that I'm just being paranoid. o_O

    I have nothing against Facebook per se, although I personally wouldn't use it, but I think many people are quite ignorant of the dangers inherent in using social networking sites.
     
  19. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    They cant say you didn't warn them of course will they admit you where right to begin with when it happens to them.
     
  20. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Part virus, part botnet, spreading fast: Ramnit moves past Facebook passwords

    Article
     
  21. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    Same here.
     
  22. wat0114

    wat0114 Guest

    There's a lot of blame placed on Facebook here, and I'm one of those who doesn't use it either, for reasons other than it being an exploit target, but in reading the following about the worm:

    -http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32/Ramnit

    ...it seems Facebook is not really at fault here. Rather, it's the user at fault for allowing the worm to install in the first place, and not taking pre-emptive steps to stop it or mitigate its effects, such as:

    • Enable a firewall on your computer.
    • Get the latest computer updates for all your installed software.
    • Use up-to-date antivirus software.
    • Limit user privileges on the computer. Incredible! I rarely ever see this sound recommendation made by anyone :blink:
    • Use caution when opening attachments and accepting file transfers.
    • Use caution when clicking on links to web pages.
    • Avoid downloading pirated software.
    • Protect yourself against social engineering attacks.
    • Use strong passwords.
    • Enable a firewall on your computer

    There's so much at one's disposal in taking easily applied, proactive steps to stopping something like this dead in its tracks, and avoiding Facebook isn't one of them.
     
  23. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    wat0114, you are suffering from "logical-itis," which is defined as "the tendency to remain logical and analytical in the midst of overwhelming sensational reportage."

    It's a very rare malady indeed and affects just a small percentage of people, so you are definitely in the minority here. The last time I checked, there is no known cure. My congratulations!

    _________________________________________________________________________​

    By the way, the Microsoft encyclopedia entry you quote is one of the best I've seen from them, and I agree with your characterization as incredible.

    As siljaline has pointed out, the intention of the original post/article was not to blame Facebook. But one comment about the arstechnica.com article which includes in its title, ...infects victims' friends:

    In the first paragraph of the article is the statement that one of the worm's goals is "transmitting malicious links to victims' friends". Big difference.

    So, there is no infection unless the Facebook user chooses to follow this unsolicited link, putting this "exploit" in the same category as any similar trick, on Facebook or otherwise.

    Earlier last year, I became acquainted with a small group of Facebook users in a little community up in the California Sierras. It's one of their social pasttimes. I learned that there are many safeguards in setting up a group, and that user awareness is no different for Facebook users than for any other computer users -- Google account/mail users, for example: you have to learn the particular policies and how to lock access to your "wall" and other such stuff. I learned that one rule they follow diligently is never to respond to anything unsolicited. Not bad advice!

    ----
    rich


    REFERENCES

    Dammit Ramnit! Worm slurps 45,000 Facebook passwords
    http://www.theregister.co.uk/2012/01/05/ramnit_social_networking/
    Facebook worm compromises up to 45,000 accounts
    http://www.csmonitor.com/Innovation...cebook-worm-compromises-up-to-45-000-accounts
    Ramnit Worm Stealing Facebook Account Passwords, E-mail Address & Bank Details
    http://www.darknet.org.uk/
    Watch your wall: New Facebook attack has stolen passwords from 45,000 users - and could be spreading through infected links
    http://www.dailymail.co.uk/sciencet...amnit-worm-stolen-passwords-45-000-users.html
    Facebook Ramnit Worm Virus Mostly Attacked Inactive Accounts in France & England
    http://www.readwriteweb.com/archives/facebook_ramnit_worm_virus_attacked_inactive_accou.php
     
    Last edited: Jan 9, 2012
  24. wat0114

    wat0114 Guest

    LOL! Your influence is to blame :D :p :thumb: Thanks!

    Indeed, I was happy to finally see it as a recommenation..
     
  25. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    http://arstechnica.com/tech-policy/...wn-on-botnet-infecting-3-2-million-computers/
     
Loading...