How 'cookiejacking' could steal people's Facebook passwords(Read article summary)
Cookiejacking could let hackers compromise Facebook profiles, says a computer security expert. But Microsoft argues cookiejacking isn't a high risk threat.
Most websites that require you to log in will save your online credentials as "cookies." These small browser files can contain anything from passwords and site preferences to the contents of an online shopping cart. Cookiejacking, according to Mr. Valotta, lets hackers steal those cookies and get away with your personal information.
"Any website. Any cookie. Limit is just your imagination," Valotta told Reuters.
There is, however, a very big catch: To access your cookies, a hacker must design a website or game that convinces you to drag an object from one side of the screen to the other. For example, Valotta "built a puzzle that he put up on Facebook in which users are challenged to 'undress' a photo of an attractive woman," reports Reuters. Once players move the digital clothing, they unwittingly trigger the cookiejacking trap.