This newly released app for Android listens in on Wi-Fi networks – Even those with WEP, WAP or WPA2 Encryption- and lets you piggyback on the Facebook, Twitter and YouTube( Developer Bartosz Ponurkiewicz says more are coming) accounts of whomever is sharing the WLAN connection with you. Understandably, the app only works with a rooted phone and within seconds it will hijack the account on anyone else on the network and you’ll be able to perform all operations from the account as if it were your account. Instructions on how to secure your Facebook account from this after the break.
To protect yourself from this app you simply have to enable SSL encryption on your Facebook account (Which FB should’ve enabled by default!). To do this, go to Settings -> Account Settings -> Account Security on your Facebook account and enable Secure Browsing(Https) and you’re good to go.
Source: Engadget