Seculert Cyber Threat Management has done a lot of research on the Ramnit worm and recently spotted it targeting Facebook accounts stealing over 45,000 logins mostly from the UK and France
From Warp2Search:
From Warp2Search:
The worm was originally discovered in April of 2010 by Microsoft security who describes it as “Win32/Ramnit is a family of multi-component malware that infects Windows executable files, Microsoft Office files and HTML files. Win32/Ramnit spreads to removable drives, steals sensitive information such as saved FTP credentials and browser cookies. The malware may also open a backdoor to await instructions from a remote attacker.”Ramnit worm heads for Facebook
In August 2011 (yes, over a year later) Trusteer reported that the worm had gone financial by trying to compromise banks and other corporate networks.