Facebook Closes 45K Accounts to Stop 'Worm' Ramnit worm steals login info, spreads nasty links By Neal Colgrass, Newser Staff Posted Jan 7, 2012 2:34 PM CST 6 comments Comments Facebook User Operations Safety Team workers look at reviews at Facebook headquarters in Menlo Park, Calif., Tuesday, Dec. 13, 2011. (AP Photo/Paul Sakuma) (Newser) – Facebook has temporarily shut down about 45,000 accounts to protect users from a worm that steals login information and spreads malicious links, the Telegraph reports. Called Ramnit, the worm has been proliferating since April 2010 but only recently adapted to Facebook accounts. Most of the victims are in Britain and France, according to an Israeli computer security firm. “We suspect that the attackers behind Ramnit are using the stolen credentials to log in to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further,” says the firm in a blog. Cyber criminals may also be buying the Facebook login data in online black markets. The firm's advice: Don't click on suspicious links, and report any suspect behavior to Facebook.