Search This Blog

Powered by Blogger.

Blog Archive

Labels

New Variant of Ramnit Worm hijacks 45,000 Facebook Accounts

A worm called Ramnit recently started targeting Facebook accounts with considerable success, stealing over 45,000 Facebook login credentials, reported by Seculert Researchers.

Ramnit at Past:
This worm discovered in April 2010, at first it was infecting Windows Executable as well as HTML files. Also it steals stealing sensitive information such as stored FTP credentials and browser cookies.

In July 2011 a Symantec report that Ramnit worm is responsible for 17.3 % of all new malicious software infections.

In August 2011, Trusteer named Ramnit as "Hybrid Creatures" that capable of doing Ramnit infection and the ZeuS financial data-sniffing capabilities.(Ramnit+ZeuS)

According to their report, around 800,000 Machines infected Ramnit from September to end of December 2011.

Recent Attack:
Recently, A new 'financial' Ramnit variant aimed at stealing Facebook login credentials worldwide, mostly from people in the UK and France. Since the Ramnit Facebook command and control (C&C) URL is visible and accessible , researchers are able to determine the precise number of Facebook victims it has made so far.
Ramnit.C Facebook Infection Distribution By Country

CyberCriminals will try to use this stolen  accounts to spread the worm in facebook.  Seculert has provided Facebook with all of the stolen credentials that were found on the Ramnit servers.
Share it:

Breaking News

Malware Report

Ramnit

ZeuS