The only way people are even going to know they are in danger is if they hear of the threat
Dallas, Texas (PRWEB) May 22, 2013
Gill-Chris Welles, tech security researcher at idcloak Technologies, has issued a call for victims of a new form of Facebook hacker to step forward and share their experiences. Faceniff is a free and widely available Android app that allows its user to piggy-back a ride into someone else’s Twitter, MySpace or Facebook account; the only requirement: that they share the same WiFi connection.
Welles explains why the Faceniff threat poses a greater threat than other surveillance and data collection methods used by hackers today: “Faceniff was already the most powerful Facebook id hacker program when it could attack WiFi users through WPA2 encryption; but the latest version is even more formidable. The hackware now contains an additional SSL Sniff feature which uses a special type of Man In The Middle attack and can undermine HTTPS protection during account login. What’s more, it’s very difficult to know you’re account has been infiltrated at all. We are looking for those who do notice, and asking them to step forward and relate their experience on the Forum.”
idcloak Technologies Inc. is a Dallas-based web tech services company that offers data security support through education and services. The site’s Forum invites discussion on data security and other modern technological challenges such as censorship circumvention. Distinct from the staff-written Knowledge Center and Blog, the idcloak Forum is a user-created resource, with questions posed by visitors and responding advice given by third-party and inhouse experts. Resolved issues are stored and can be searched historically by newcomers who face the same predicaments.
idcloak is vocal in its response to the Faceniff threat: “The only way people are even going to know they are in danger is if they hear of the threat. Personal stories from victims will help raise awareness so we ask the victims to speak out. Perhaps you’ve found evidence that someone else used your Facebook or Twitter account to send messages; maybe your account has been sabotaged and content lost or defaced; or your account shows unrecognized devices are logged in. These are all tell-tale signs of a Faceniff sidejacking attack. We will advise victims on what measures they can take to protect their accounts from recurring attacks, and they will help others by sharing their story.”
When asked what measures could be taken by a user to prevent attack, Welles had this to say: “There are many free HTTPS proxy lists or VPN services available which will prevent a Faceniff attack and we are working on a technology that offers full protection at the click of a button. Facebook also has some in-site security settings which can prevent account infiltration.”
For information on computing security issues and how to address them, as well as censorship unblocking, privacy and control on the net, visit idcloak.com.