The user names and passwords of more than 45,000 Facebook members have been stolen in a hi-tech cyber 'worm' attack.
The Ramnit worm, which has previously been used to steal bank account details, has mainly targeted users in the United Kingdom and France so far.
The worm is designed to self-replicate itself and send 'infected' links, which redirect to a website that downloads a virus.
Cyber-threat researchers Seculert said in a blog post the Ramnit worm was discovered in April 2010 as a financial malicious software (malware) and is now targeting Facebook.
"We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread."
The researchers said the virus is taking advantage of the fact that users have the same passwords across numerous web accounts and can use the details to hack into corporate networks.
"The viral power of social networks can be manipulated to cause considerable damage to individuals and institutions when it is in the wrong hands."