A Man-in-the-middle attack presupposes three parts. The victim, The entity that he is trying to communicate with victim and Man-in-the-middle, who monitors and invades the victim's communications. Of course, the victim does not know the existence of man-in-the-middle.
How does one work Man-in-The-middle attack;
Suppose you received one e-mail, supposedly comes from your bank. The email asks you to sign in to your account to confirm some details. There is one in the email link, which is supposed to lead you to website the bank's. Log in and do what you asked for.
In this hypothetical scenario, man-in-the-middle (MITM) sent you the email and made it look legitimate. This attack also includes phishing techniques, through which you click the malicious link. In addition, man-in-the-middle has created a site, similar to your bank, to persuade you to give personal information and register your credentials. In fact, you are not logged into your bank account but to a fake site through which the hacker acquires them credentials you.
How is one done Man-in-The-middle attack;
There are two ways. One includes the physical proximity to the target and the other to her installing some malware. (the above scenario is an example of the second way and is called man-in-the-browser attack).
Man-in-the-middle attacks are usually done on two phases:
The criminals must first to acquire access on a wireless, non-secure Wi-Fi router. This is usually found on public Wi-Fi but also in people's homes who have not taken care of it. protection of their network. Attackers scan the router to detect specific vulnerabilities, such as a weak password.
When attackers detect a vulnerable router, they use it tools that monitor and read data and the flow of the victim's network. Hackers can also insert these tools between the victim's computer and the sites they visit and thus steal credentials, banking information and other personal information.
This was the first phase of the attack. The second phase involves decrypting the encrypted files of the victim so that the victim can hacker to exploit them. If this phase is completed, then we are talking about a successful man-in-the-middle attack.
What is η man-in-the-browser attack;
At man-in-the-browser attack (MITB), the hacker installs malicious software to the victim's device. One way to achieve this is by phishing.
Phishing: the hacker sends a fake email to the victim, cheats it and makes it open malicious link, found in attachments. This way, the user can unintentionally download malware onto their device.
The malware is then installed on browser without the user's knowledge. The malware records the data sent between the victim and specific sites, such as those owned by banks and transferred to the attacker.
How to protect yourself from one Man-in-The-middle attack;
There are many criminals tools to carry out these attacks. Therefore, you should take some measures to protect your devices, data and connections:
- Make sure that "HTTPS", with S at the end, is always at the URLs of the sites you visit.
- to be vigilant for possible Phishing emails, which ask you to update your password or enter your credentials. Do not open the links, included in the attachments. Instead, type the address in your browser.
- Do not connect to public Wi-Fi directly. Install and use VPN, which encrypts your connection and protects the data you send and receive when using public Wi-Fi.
- Since MITB attacks use malware, you need to install antivirus software and update them regularly.
- Make sure that home network Wi-Fi it is safe. Change the default credentials on your router and all connected devices and use strong passwords.
As more and more of our personal information is online we need to be very careful and take care of safety of our devices and networks.