Malware that stole 45,000 Facebook logins highlights security hole from cloud