MITM Attacks: Close To You Or With Malware ━━━━━━━━━━━━━ Man | hacKING
MITM Attacks: Close To You Or With Malware
━━━━━━━━━━━━━
Man-in-the-middle attacks come in two forms, one that involves physical proximity to the intended target, and another that involves malicious software, or malware. This second form, like our fake bank example above, is also called a man-in-the-browser attack.
Cybercriminals typically execute a man-in-the-middle attack in two phases — interception and decryption.
With a traditional MITM attack, the cybercriminal needs to gain access to an unsecured or poorly secured Wi-Fi router. These types of connections are generally found in public areas with free Wi-Fi hotspots, and even in some people’s homes, if they haven’t protected their network. Attackers can scan the router looking for specific vulnerabilities such as a weak password.
Once attackers find a vulnerable router, they can deploy tools to intercept and read the victim’s transmitted data. The attacker can then also insert their tools between the victim’s computer and the websites the user visits to capture log in credentials, banking information, and other personal information.
A successful man-in-the-middle attack does not stop at interception. The victim’s encrypted data must then be unencrypted, so that the attacker can read and act upon it.
━━━━━━━━━━━━━
@Hacking
