Wi-fi Hacking and Grabbing Your Cookies
Things just get worse and worse for mobile users who take advantage of cheap or free wireless hotspots, this attack involves the cookies that are used on websites to keep users information so they don’t have to login every time they go there, Gmail is a great example and one they used to demonstrate how easy it really is.
Prior to the demonstration, which involved the live hijacking of a Google mail account (GMail), many sites were thought to be safe because they encrypted the data swapped back and forth when people login.
However, Mr. Graham carried out his attack on the unencrypted cookies, tiny text files, many sites use to identify people that regularly return.
The tools created by Mr. Graham, called “Hamster” and “Ferret”, watch the traffic flowing in and out of public wi-fi hotspots and let attackers grab cookies as they are passed back to people logging in to their webmail or social network account.
Using the cookie an attacker could pose as a victim and enjoy almost the same level of access to an account as its rightful owner. Source: Warning of webmail wi-fi hijack