An entirely new way of hijacking Facebook accounts has surfaced. You can now easily hijack any Facebook account using your Android smartphone. Thanks to an app called FaceNiff, Android users have the ability to take over any Facebook account.
Facebook is currently the biggest social network on the planet, with around 600 million active members worldwide. For most people, their Facebook account is everything, so imagine having your account hijacked, and by someone who can do it from the comfort of their Android smartphone!
Right, so how is this actually possible? Well, the number one reason is the users' own negligence. Few people know that Facebook allows you to set HTTPS as the default protocol whilst surfing the network, and most of them have not even enabled this feature. So FaceNiff capitalizes on the negligence of the users themselves. Android smartphones which have the FaceNiff app installed can easily hijack any running Facebook session on a public wireless network that is not using the HTTPS protocol. It's literally as simple as that.
Worst case scenario? Imagine that you're working in a coffee shop or any other similar place and are connected to its public wireless network. Someone sees that you do not use HTTPS for surfing Facebook and fires up FaceNiff on their Android device. Within seconds, that person will be able to completely hijack your account and do things with it that you wouldn't even dream of doing. So our advice to you is to use the HTTPS protocol not only for Facebook, but for all online services that allow it, just to be safe against attacks of this sort.
The following video demonstration will help you understand the concept of hijacking Facebook using FaceNiff much more clearly: