Stolen Facebook names and passwords mostly old data

The cyber bandits who nicked 45,000 Facebook user names and passwords with a computer worm Thursday got less than they bargained for.

The cyber bandits who nicked 45,000 Facebook user names and passwords with a computer worm Thursday got less than they bargained for.

A "majority" of the credentials stolen by the thieves were "out of date," according to a statement Facebook released to the media Friday. When pressed on the point by ZDNet blogger Emile Protalinski, a Facebook spokesperson acknowledged that "more than half" of the purloined data contained invalid logins or old or expired passwords.

"Last week we received from external security researchers a set of user credentials that had been harvested by a piece of malware," Facebook explains in its statement. "Our security experts have reviewed the data, and while the majority of the information was out-of-date, we have initiated remedial steps for all affected users to ensure the security of their accounts."

Facebook says it is bolstering its antivirus protection and reminds users to "protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook."

According to the Israeli security company Seculert, the Facebook credentials were stolen by the Ramnit worm. "We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," Seculert says in a company blog.

Ramnit is a two-year-old worm that didn't attract much attention from malware warriors in the past because it primarily uses antiquated techniques to infect executable files in Microsoft Windows. Recently, though, it has been reengineered using borrowed code from an extremely pernicious malware program called Zeus and has become a more powerful threat to all computer users. Seculert estimates that some 800,000 machines worldwide are infected by Ramnit.

In its statement, Facebook "encourage our users to become fans of the Facebook Security Page for additional security information." Visitors to the page, however, will find no information on this latest security threat, and the last posting on the page's "wall" is dated December 26. So if you're really interested in Facebook security information, you might want to look elsewhere to find it.

Tags identity theftsecuritydata theftfacebook datasocial networking

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

John P. Mello Jr.

Unknown Publication

4 Comments

stewart martin

1

Last thursday the worm got me , but now after what seems like a 1000 tries i can still not access my F/B acc. NOT HAPPY JAN

Anonymous

2

The article says "... and has become a more powerful threat to all computer users."
It is really only a threat to Windows users.
It would be more accurate and informative to point out that non-Windows operating systems such as Apple OS X, Linux (Redhat, Fedora, Ubuntu, SUSE etc.) and BSD unix etc. users are not included in this.

Nick

3

I'm also a victim, and I use a MAC OS X.....

Catalin3w

4

yea those worms are killing me seriously !!1

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

Resources

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?