A new Wi-Fi security worry: Sidejacking

Published 4 January 2008

Two hackers’ tools — Ferret and Hamster — “sidejack” machines using Wi-Fi and access their Web accounts; Hamster hacks the cookies and URL trail left behind by a Wi-Fi user, and the attacker then can pose as the victim and read, send, and receive e-mail on his or her behalf

Let’s see: There is hijacking, carjacking — and now there is also “sidejacking.” We are not sure whether this is something you would be proud of, but the keen-eyed DarkReading lists sidejacking as one of the “Five Coolest Hacks of 2007.” They write that first it was the Ferret, then the Hamster, and people said Wi-Fi will never be safe again. Researcher Robert Graham, CEO of Errata Security, impressed (perhaps “scared” would be more appropriate) the crowds at Black Hat DC and Las Vegas this year with live hacks of attendees who dared to use the Wi-Fi network unprotected, using his homegrown Wi-Fi sniffing tools, which sniff and grab Wi-Fi traffic out of the air. DarkMatter’s reporter says that as he checked his e-mail during a session at Black Hat DC last February, he all of a sudden realized that Graham and colleague David Maynor were demonstrating Ferret next door, and that the tool was blasting his username and password up on the screen for all to see.

Graham turned his Wi-Fi hack up a notch in Vegas in August, with a more powerful version of Ferret — Hamster — that “sidejacks” machines using Wi-Fi and accesses their Web accounts. Hamster grabs users’ Gmail, Yahoo, and other online accounts. It clones the victim’s cookies by sniffing their session IDs and controlling their Website accounts. “You can be in a café and see a list of people browsing [over Wi-Fi]. And you can hijack and clone their Gmail system,” for example, Graham says. It is very easy to do, too, he says. Hamster does not hack passwords, just the cookies and URL trail left behind by a Wi-Fi user. The attacker then can pose as the victim and read, send, and receive e-mail on his or her behalf. It does not, however, see the victim’s actual e-mail messages. Interestingly, Graham had a little trouble finding many users in Vegas who dared to go Wi-Fi unprotected. Still, he recommends logging out of your Web session to wipe out your cookie trail when you are using Wi-Fi.
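
Why logging out helps, shown as an added example that is not from the original article or from Graham's tools: a session ID in a cookie is a bearer token, so a server honors any copy of it until the session is invalidated. The `SessionStore` class, the `sid` cookie name and the assumption that the site invalidates the session on the server at logout are all hypothetical.

```python
import secrets


def parse_cookie(header):
    # Split a raw Cookie header ("a=1; b=2") into a dict; malformed pairs are skipped.
    pairs = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            pairs[name] = value
    return pairs


class SessionStore:
    """Constructed, minimal server-side session table (hypothetical)."""

    def __init__(self):
        self._sessions = {}  # session ID -> username

    def login(self, username):
        # The ID is a bearer token: whoever presents it is treated as the user.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = username
        return sid

    def whoami(self, cookie_header):
        # Resolve the "sid" cookie; None when it is absent or unknown.
        sid = parse_cookie(cookie_header).get("sid")
        return self._sessions.get(sid)

    def logout(self, cookie_header):
        # Assumption: logout deletes the session server-side, so every
        # copy of the ID stops working, not only the owner's browser copy.
        sid = parse_cookie(cookie_header).get("sid")
        return self._sessions.pop(sid, None) is not None


def demo():
    store = SessionStore()
    sid = store.login("alice")
    owner_cookie = f"lang=en; sid={sid}"   # constructed sample header
    copied_cookie = f"sid={sid}"           # same ID presented by a second client
    before = store.whoami(copied_cookie)   # server cannot tell the clients apart
    store.logout(owner_cookie)
    after = store.whoami(copied_cookie)    # the copy dies with the session
    return before, after
```

If a site only clears the cookie in the browser and keeps the session alive on the server, a copied ID remains valid after logout.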