A Brief Overview of the Man-in-the-Middle Attacks

Posted by Allura on 23 07 2019.

Introduction

Man-in-the-middle (MITM) attack is a phenomenon by which an attacker obstructs communication between two parties where the communication needs to be direct. In this case, both parties are unaware of the attack that have crop up. Involvement of physical proximity or  use of malware to obstruct communications (a man-in-the-browser attack) are a part of this attack. Generally the financial transactions, secured connections, and other interactions involving username and password are attacked.

Also, there can be the use of many different methods for obstructing communications like, email, session, or IP hijacking, Wi-Fi® eavesdropping, Trojan attacks, DNS spoofing, or HTTP injections.

What is an MITM Attack?

Explaining the process of MITM attack would be effective in the form of an example. Person A and person B intends to send messages to each other. On the other hand, person C wants to obstruct their communication and hence, initiates the process of MITM attack.

Suppose, person A and person B wants to message each other their bank accounts number for cash withdrawal. Meanwhile, person C locates a security hole which will allow that person to obstruct both their communications and become the man-in-the-middle between their communications. Whatever they will discuss, will be gathered by person C, and that’s exactly how a forgery takes place. This whole phenomenon is known as an MITM attack.

Conclusion

All information about the concept of MITM is outlined in this review.