Saturday, August 04, 2007

Hamster & Gmail

Gmail account 'hacked' over wi-fi hotpsot..

"Prior to the demonstration, which involved the live hijacking of a Google mail account (GMail), many sites were thought to be safe because they encrypted the data swapped back and forth when people login.

However, Mr Graham carried out his attack on the unencrypted cookies, tiny text files, many sites use to identify people that regularly return.

The tools created by Mr Graham, called "Hamster" and "Ferret", watch the traffic flowing in and out of public wi-fi hotspots and let attackers grab cookies as they are passed back to people logging in to their webmail or social network account."

No comments: