Cybercrime Man-in-the-Middle Attacks

upnorth

Jul 27, 2015

Part one.
What connects Mary, Queen of Scots with a €6 million internet scam? The answer is Man-in-the-Middle (MITM) attacks. Way back in the 16th Century, Mary was the victim of insecure lines of communication. Messages between Mary and her supporters were intercepted and amended by Queen Elizabeth I’s spies, implicating Mary in an assassination plot and leading to her untimely demise. Fast forward to today and similar interceptions are scarily common. Modern MITM attacks occur when an individual can read or write data transmitted by you and the website you are browsing, essentially convincing you that he/she is the website and vice versa. In 2015, 49 suspects across Europe were arrested after they gained access to various company networks and executed multiple, large-scale MITM attacks worth €6 million by swapping out genuine payment requests for duplicate versions. The good news is that such attacks rely on flaws in security. And that’s where HTTPS comes to the rescue…



Part two.
Now you know what MITM attacks are, how do you stay secure on an individual level? Vigilance is key. Google displays “Not Secure” against a website URL, indicating that you may be at risk. Just a single non-HTTPS page can leave user data vulnerable. To protect yourself, the best option is to use a VPN – a Virtual Private Network – which acts as a direct tunnel between you and the internet.

Useful basic information, especially for anyone who is not aware of what a MITM attack is and how to protect against it. One can of course make this much, much more complicated and deeper, and please do, but the main purpose of this post is basic help.
 

HarborFront

Oct 9, 2016
Although a VPN can protect you on public Wi-Fi, I guess a VPN can't do anything against an HTTP site if you post any personal data, as the encrypted info only includes you and the VPN server. The video didn't make it clear!
From the VPN server to the site, the data is unencrypted if you surf HTTP sites. To protect yourself, surf HTTPS sites only to ensure end-to-end encryption.
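
An added example, not part of any post in this thread: a small Python check that lists the places where a page would send or fetch data over plain `http://`, which is the leg between the VPN server and the site that the post above describes as unencrypted. The page URLs, hostnames and HTML below are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags whose URL attribute makes the browser send or fetch data.
URL_ATTRS = {"form": "action", "script": "src", "iframe": "src", "img": "src"}

# Constructed sample page (hostnames are placeholders).
SAMPLE_HTML = """
<html><body>
<form action="http://shop.example/login" method="post">
  <input name="password" type="password"></form>
<form action="/search"><input name="q"></form>
<script src="//cdn.example/app.js"></script>
<script src="http://stats.example/t.js"></script>
<img src="logo.png">
</body></html>
"""

class PlaintextFinder(HTMLParser):
    """Collect (tag, absolute_url) pairs that resolve to plain http://."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attr = URL_ATTRS.get(tag)
        if attr is None:
            return
        value = dict(attrs).get(attr)
        if value is None:
            if tag != "form":
                return
            value = ""  # a form without an action submits to the page URL
        # Resolve relative and protocol-relative URLs against the page URL.
        target = urljoin(self.page_url, value)
        if urlsplit(target).scheme == "http":
            self.findings.append((tag, target))

def find_plaintext_targets(page_url, html):
    finder = PlaintextFinder(page_url)
    finder.feed(html)
    return finder.findings

if __name__ == "__main__":
    for tag, url in find_plaintext_targets("https://shop.example/account", SAMPLE_HTML):
        print(f"plaintext {tag}: {url}")
```

Served over HTTPS, the sample page still has two plaintext targets (the login form and one script); served over HTTP, every relative and protocol-relative URL inherits the insecure scheme as well.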
 

koloveli

Sep 13, 2012
Scripts in websites are safe if they belong to the website;
VPNs protect against sniffers in the network, but do not protect against unsafe scripts or applications;
HTTPS protects data between browser and servers, but does not protect against malicious scripts or applications on the PC or websites;
Sorry for my English!
 

TairikuOkami

May 13, 2017
Google's intentions were probably good, but making webpages HTTPS made users believe that they are all safe.
Getting a certificate is as easy as ordering a pizza. So while it helped to prevent MITM, it made phishing easier.

On a side note, Yandex browser addressed local MITM by itself. It is those little details that make it great.
 