Facebook is to force thousands of users to reset their passwords to stop the spread of the Ramnit worm targeting users of the social network, mainly in the UK and France.
Security researchers at Seculert found that around 45,000 login credentials had been stolen by a specially modified variant of the worm and notified Facebook.
The social networking firm said most of the stolen credentials are out of date, but all affected users will be forced to reset their passwords to improve security, according to The Telegraph.
A company spokesman said Ramnit is not propagating on Facebook itself, but the company has begun working with partners to add protections to its anti-virus systems.
Seculert researchers have warned that the attackers behind Ramnit could be using the stolen credentials to log in to victims' Facebook accounts and transmit malicious links to their friends, accelerating the malware's spread.
They say cyber criminals could also taking advantage of the fact users tend to employ the same password in various web-based services, such as Corporate SSL VPN, to gain remote access to corporate networks.
Facebook has called on users to avoid clicking on any strange links and report suspicious activity.