BlackSheep Plugin Bites Back: Detecting FireSheep Hijack Attempts

With more than 600,000 copies of the FireSheep browser plug-in downloaded in a matter of weeks, Web security firm Zscaler has released a new Firefox plug-in, BlackSheep, in hopes of helping users combat attempts by those using FireSheep to hijack their Web sessions.

The plug-in doesn’t protect users from being hijacked, but does alert them when Firesheep is being used on a network they’re currently logged onto. Once Firesheep is identified, BlackSheep will notify users and advise them to log out and stop their network connection.
Firesheep, unveiled at Toorcon last month, gives users an easy interface to hijack others’ social networking sessions via unsafe wireless connections. The tool has gotten its fair share of scrutiny in the last few weeks, with one of its co-creators defending the plug-in via blog post last week.

The new tool is just the latest attempt to protect Web users on unencrypted wireless networks against prying eyes. An earlier release, FireShepherd, attempts to disrupt FireSheep’s attempts to listen in on insecure Web sessions.

Zscaler’s plug-in works in a different way: it monitors insecure networks for the telltale signs of the FireSheep application, then alerts users when Firesheep is being used to hijack their Web sessions.

Firesheep, unveiled at Toorcon last month, gives users an easy interface to hijack others’ social networking sessions via unsafe wireless connections. The tool has gotten its fair share of scrutiny in the last few weeks, with downloads approaching three quarters of a million. Still, Eric Butler, one of the plug-in’s two creators, defends his work from criticism, saying it has helped to accelerate discussions about implementing more security on social networks and other burgeoning Web applications.

Discussion

  • Anonymous on

    As Randy Abrams points out-- http://blog.eset.com/2010/11/08/let%E2%80%99s-pull-the-wool-over-your-eyes --BlackSheep does nothing whatsoever to protect you from the underlying insecurity of unencrypted wireless networks. FireSheep doesn't create the insecurity; it simply makes exploiting the insecurity trivial.
