Firesheep Can Hack Your Social Media Accounts
What’s it take to hack your Facebook account, Twitter, or blog?
Not much.
Eric Butler has developed a tool that shows you exactly how vulnerable you are to having your accounts hacked by anyone using Firefox as a web browser and Butler’s new Firesheep plugin.
Known as “sidejacking” (a type of hijacking), here’s how it works…
You’re logged into your Facebook account at an unsecured WiFi location (like your local coffee shop). Someone with Firesheep installed is using the same WiFi.
Firesheep steals your Facebook user cookie and lets the “sidejacker” access your account as if he is actually you. This means posting on your account, changing your profile and passwords, sending messages to your Facebook friends, etc.
What Accounts Can Firesheep Access?
This isn’t picking on Facebook. The plugin was set up by default to work on many popular social media sites. Here are just a few of the default accounts the plugin can access.
- Yahoo
- WordPress
- Amazon
- Dropbox
- Bit.ly
And because it is open source, the plugin can be customized for sidejacking other sites too.
I do NOT recommend that you install the tool to sidejack into other people’s accounts at unsecured WiFi locations. That would be illegal.
However, if you want to see exactly how easy it is to steal your identity online, here’s where you can find the Firesheep plugin.
Be sure to scroll down to the bottom of the page and read Butler’s blog posts about Firesheep.
Protection Against Firesheep
What’s the solution? I’m now using virtual private networking (VPN) when out and about at unsecured WiFi locations.
Certified Computer Security Professional Tom Brownsword recommends using recommends installing the new BlackSheep Firefox plugin to counteract Firesheep.
