A development team at Facebook on Saturday temporarily closed 45,000 user accounts in the hopes of stopping the spread of a Facebook work that stole login information while spreading malicious links to unsuspecting friends.
Known as Ramnit the work has been seen randomly since April 2010 but only recently made it’s way onto Facebook.
According to one Israeli computer firm familiar with Saturday’s attacks most of the accounts were located in Britain and France. On their blog the computer firm writes:
“We suspect that the attackers behind Ramnit are using the stolen credentials to log in to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further.”
Experts warn that user information is also likely to be sold on the black market.
In the meantime users are being urged not to click on suspicious links from their friends accounts until they verify the links origins. Facebook would also like any suspicious links to be reported.