The "Ramnit" worm has infected about 45,000 Facebook accounts, stealing usernames and passwords primarily in the U.K. and France, the social networking site has confirmed.
Discovered in 2010, hackers used Ramnit the following year to infiltrate 800,000 computers and gain access to financial institutions, online banking and corporate networks.
"We suspect that the attackers behind Ramnit are using the stolen credentials to log into victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," Securlert Cyber Threat Management said in a blog post.
"In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks."
A Facebook spokesman said more than half of the hacked logins were either invalid or had old/expired passwords, and the social network is working to help restore compromised accounts.