Android app can be used to hack Facebook
Move over, Firesheep. A new app allows smartphones running Google's Android operating system to hack into Facebook and other online services. The FaceNiff app lets users sniff and intercept web session profiles over Wi-Fi networks, and potentialy steal other users' credentials. "It's kind of like Firesheep for (Android). Maybe a bit easier to use (and it works on WPA2!)," developer Bartosz Ponurkiewicz said on his website. However, Ponurkiewicz said hijacking sessions is possible only when the network is not using the Extensible Authentication Protocol (EAP). Ponurkiewicz also said the application will not work if the targeted victim is using SSL (secure sockets layer). The phone where the app is to be used must also be rooted, he added. For now, he said the latest version of his app can hack into Twitter, YouTube, Amazon, and Nasza-Klasa. He also said the app is confirmed to work on specific smartphones such as:
- HTC Desire CM7
- Original Droid/Milestone CM7
- SE Xperia X10
- Samsung Galaxy S
- Nexus 1 CM7
- HTC HD2
- LG Swift 2X
- LG Optimus Black - original rom
- LG Optimus 3D - original rom
- Samsung Infuse