FaceNiff is a new Android App that makes it literally effortless to log into someone else’s Facebook account as long as that person is on the same Wi-Fi network as you.
This application works by capturing and sniffing all the packets that are sent around the network. The application itself doesn’t hack into Facebook, it wait for a user on the same wifi network to login, then it will intercept the data and display the user’s login ID. Then clicking on the name and ID, the app user is able to log in and take over the account.
In addition to Facebook, this application works with Twitter, YouTube and Amazon.
Android phones need to be “rooted” in order to run the app (a simple process) then the handset owner can just download and run the app. The video below shows just how simple it is (don’t try this yourselves folks, it’s illegal).
There are a couple of ways to protect yourself from this hack:
1) Use SSL – Facebook, Twitter and Amazon all allow secure connections using https: instead of the standard http: – this means the data sent from your handset is secure and cannot be intercepted by the app.
2) For any service that does not support SSL, you can set up a VPN tunnel – this is a private network connection over public Internet which terminates on a trusted connection (such as your home or office). If you are unsure how to do this, your IT support company can advise you.