Man-in-the-Middle (MITM) Attacks: What they are

At the RSA Conference 2018 the best and brightest security expert around the globe gathered to attend one of the leading cyber security tradeshows in the industry. From hacking iOS to why security matters when it comes to Wi-Fi , wireless threats were the topic of several talk-tracks this year. We’re all guilty of connecting to unsecured public Wi-Fi at times. We connect at Airport, coffee shop , and even at venues. And as the growth and popularity of Wi-Fi continues to climb, it’s important that we understand the risks that come with connection to public Wi-Fi, or even offering Wi-Fi to employs, visitors and guests. A typical Wi-Fi attack takes less then two minutes!!! The collected information would be more then enough for a criminal hacker to conduct a Man-In-The-Middle attack to hack and every one of these connections and steal information like usernames, passwords, and even credit card numbers.
Man-in-the-Middle (MITM) Attacks: What they areA Man-in-the-Middle attack is a form of attack that allows a hacker to secretly intercept a wired or wireless connection between two parties who believe they are communicating safely and directly with each other. When performed successfully, a MITM attack allows the hacker not only to eavesdrop on the communication between the victims but also tamper the data they exchange with each other. Most importantly, it may give the eavesdropper full access to the victims valuable information (login credentials, financial information, and so on).This is why it’s so important to know more about different types and techniques of MITM attacks, as well as the ways to prevent these attacks. How does a MITM attacks work?The basic principle of every MITM attack is pretty similar: an attacker virtually puts themselves between two communicating parties, leaving the victims unaware of their presence. Remaining undiscovered, the intruder can intercept messages the victims send to each other, extract valuable information and change the original messages if he wants.There are two kinds of MITM attacks: passive and active. Passive MITM attacks are possible when the RSA (River-Shamir-Adleman) keys are used. Then, the attacker can use server private keys to decrypt the user traffic. When it comes to an active MITM attack, the hacker’s main goal is to split an SSL/TLS session into two completely separate session. Then, the attacker can act as a proxy, monitoring and possibly altering all the data transmitted through a compromised channel. Also, there are several forms of MITM attacks that exploit vulnerabilities in internet browsers, cloud services or the internet of Things!Here is another threat and a way of bеing hacked. Do you know what is “Cherry Blossom”?As reported by The Hacker News, “Cherry Blossom is basically a remotely controllable firmware – based implant for wireless networking devices, including routers and wireless access points (APs), which exploits router vulnerabilities to gain unauthorized access and then replace firmware with custom Cherry Blossom firmware”. What happens when a router is compromised?When a router is compromised, the Cherry Blossom exploit is programed to:Monitor traffic to obtain email addresses, chat users names, MAC addresses, and VoIP phone numbers.Redirect users to websites with malicious software.Hijack the data stream between connected devices to spread malware across the network.Copy and store the entire traffic on a network served by a compromised deviceIs your WiFi connection verified? And are your personal data protected? While you’re drinking your morning coffee and checking your mails or bank account, do you know who’s looking behind you?Maybe it is Man In The Middle?

Get the App


Follow us