As MitM attacks have evolved, attackers have developed new social engineering tactics, using malware to capture and manipulate personal information relayed between two parties. A MitB attack is of this very nature and is designed to intercept data as it passes over a secure communication taking place through the browser between a user and an online application. A Trojan is embedded in a user’s browser application and can be programmed to trigger when a user accesses specific online sites, for example an online banking site. Once activated, a man-in-the-browser Trojan can intercept and manipulate, on-the-fly, any information a user submits online to the banking application. The information being manipulated could be the amount of money being transferred or the accounts between which it is being transferred; all without the knowledge of the end user or banking counterpart, who both see the transaction as mutually approved. This makes this type of attack very pervasive as it proliferates through the Internet, with devastating effects for the end users, as well as the financial institutions.
Find out about the most effective defense against MitB attacks.
DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Our portfolio of live events, online and print publishing, business intelligence and professional development brands are centred on the complexities of technology convergence. Operating in 42 different countries, we have developed a unique global knowledge and networking platform, which is trusted by over 30,000 ICT, engineering and technology professionals.
Data Centre Dynamics Ltd.
102-108 Clifton Street
London EC2A 4HW