A new Android application has been created that enables users to easily hijack users accounts on either Facebook, Youtube or Twitters over Wi-Fi networks, similar to the Firesheep Firefox extension.
The new Android FaceNiff app lets users sniff and intercept web session profiles over Wi-Fi networks, and potentialy steal other users’ credentials. Watch how easily the process is in the demo video after the jump.
The FaceNiff application has been developed by Bartosz Ponurkiewicz who compares his creation to Firesheep and developed the application for educational purposes only.
“It’s kind of like Firesheep for (Android). Maybe a bit easier to use (and it works on WPA2!),”
The way to make sure you are protected from FaceNiff is to use SSL (secure sockets layer) when connecting to your accounts.
Source : Gizmodo