【 Session Hijacking Attack 】What is it? + Methods ▷ 2022

One attack that currently exists is computer session hijacking. It consists of intercepting the flow of data to extract information from the victim and use it for the benefit of an intruder.

It is difficult to tell whether a person is being attacked in this way, because the software installed on the computer is small and hard to notice.

If you want to know what the symptoms of this activity are, you can read them below. We will also talk about the methods that are used and the best-known attacks of recent years.

What is a “session hijack” and how does it work in computing?

Session hijacking is a technique hackers use to quietly take over a person's data and confidential information. The hijacked item can be cookies, an IP connection, web pages, a modem session, a discussion thread in a forum or an Internet browsing session.

In this way, the intruder hijacks whatever items he wants for his own benefit. Among other things, he can issue commands the user did not want, perform a or insert pop-up advertisements while the person is browsing.

Symptoms of session hijacking: how do I know if I am a victim of one?

One of the main features of session hijacking is that the program installed on the device is very small, so it is not easy to detect. To know whether you are facing a hijacking attack, you have to recognize abnormal behavior on your computer. For example, every time you browse the Internet, the home page is automatically overwritten and takes you to a URL where you are asked to make a purchase or hand over your private data.

Another sign is when you run a search and the results do not match what they should be. If you constantly have to close pop-up advertising windows, that is a sign that you may have a session hijack. You will also realize that you are a victim if you cannot access platforms on which you were registered, especially e-commerce stores and banking sites.

On social networks, a very common sign that the hacker has hijacked your ID is that he sends messages to your contacts as if they came from you. In this way, you will quickly realize that you have become a victim of session hijacking. If you have a website and cannot access the server as you usually do, consider that someone may have carried out a session hijacking.

What are the methods used to perform session hijacking?

Four methods of session hijacking are currently known. The most common is when the attacker sends a link by email so that the victim clicks on it and the hacker can then access the computer. Another method is the technique called , in which the intruder intercepts data traffic to hijack session cookies.

As a result, on sites where the content is not encrypted, once the victim has entered the password the attacker can impersonate the user to obtain a new access key. Cross-site scripting is the third method. Attackers use this technique to execute code on the victim's computer.

This lets them obtain all kinds of information to carry out malicious operations. Finally, there is hijacking by means of malware: a set of programs used for various purposes to silently spy on user activity. They can also include code that steals session cookies, so that the attacker obtains the access codes for financial and private sites.
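
The traffic-interception and cross-site scripting methods above both depend on how a site issues its session cookie. The following is an added example, not code from the original article: a small audit of `Set-Cookie` headers that flags session cookies missing the `Secure` and `HttpOnly` attributes. The sample headers and the list of name fragments treated as session cookies are constructed assumptions.

```python
from http.cookies import SimpleCookie

# Constructed sample response headers, not captured from any real site.
SAMPLE_SET_COOKIE = [
    "sessionid=abc123; Path=/",
    "auth_token=def456; Path=/; Secure; HttpOnly",
    "sid=ghi789; Path=/; HttpOnly",
    "theme=dark; Path=/",
]

# Assumption: cookies whose names contain these fragments carry session state.
SESSION_HINTS = ("sess", "sid", "auth", "token")


def audit_cookie(header_value):
    """Return (name, findings) for one Set-Cookie header value."""
    jar = SimpleCookie()
    jar.load(header_value)
    if not jar:
        # SimpleCookie silently drops headers it cannot parse.
        return None, ["unparseable Set-Cookie header"]
    name, morsel = next(iter(jar.items()))
    findings = []
    if not any(hint in name.lower() for hint in SESSION_HINTS):
        return name, findings  # not a session cookie, nothing to flag
    if not morsel["secure"]:
        # Without Secure the browser also sends the cookie over plain HTTP,
        # where anyone on the same network can read it from the traffic.
        findings.append("missing Secure: exposed to traffic interception")
    if not morsel["httponly"]:
        # Without HttpOnly, script injected through XSS can read the cookie.
        findings.append("missing HttpOnly: readable by injected script")
    return name, findings


def audit_headers(header_values):
    """Map each problematic cookie name to its list of findings."""
    report = {}
    for value in header_values:
        name, findings = audit_cookie(value)
        if findings:
            report[name] = findings
    return report


if __name__ == "__main__":
    for cookie, issues in audit_headers(SAMPLE_SET_COOKIE).items():
        print(cookie, "->", "; ".join(issues))
```

The `Secure` attribute only protects the cookie when the whole site is served over HTTPS, not just the login page.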

List of the best-known session hijacking attacks in recent years

Below is a list of session hijacking attacks that have occurred in recent years and attracted public interest:

Firesheep

It was carried out at the end of 2010 by means of the “Firesheep” extension for the Firefox browser. This program allowed attackers to hijack the session when the user connected to public Wi-Fi networks.

This caused a major shake-up in security. Social networks such as Twitter and Facebook, with preferences previously set by the user, offered no resistance to the hijacking of the cookies that gave access to private information. As a result, victims who used public Wi-Fi networks were frequently at risk until those social networks addressed the problem.

WhatsApp Sniffer

The WhatsApp Sniffer tool appeared on Google's app store in May 2012. It was available for all mobiles with the Android operating system, and its design allowed access to the messages of other instant messaging accounts belonging to users connected to the same Wi-Fi network. To solve this problem, WhatsApp had to change its infrastructure, which was based on an open, XML-based, plain-text protocol.

DroidSheep

DroidSheep was also available on the Google Play Store. It is an application for intercepting communication when insecure browsing protocols, that is, HTTP, are in use. This tool made it possible to hijack login cookies on open Wi-Fi networks and on networks with WEP and WPA2 (PSK) encryption. In this way, the attacker could remotely access devices connected to the same network to obtain session cookies and thus learn all of the victim's confidential data.

Cookie Cadger

This application managed to leak private information from sites where commercial and financial transactions were carried out through apps that used insecure HTTP GET requests. Commands were executed regardless of whether the network was wireless or wired.

It works by making repeated requests to the browser to attack sites that use insecure HTTP GET. In this way, when the user enters personal data, the attacker can hijack the login cookie and carry out whatever activities they want.
