Types of Man In The Middle (MITM) Attacks

MITM is a 'man in the middle between a victim and the host. The hacker is trying to reach, either by intercepting the connection or listening to the connection passively to steal credentials, personal information, and banking data, corrupt the data or even terminate it.

Types of MITM attacks:

  • IP Spoofing: When attackers alter the IP of the host system, the victims believe that they are communicating with a legit system, but in reality, they are sent to the attacker unknowingly.
  • DNS SpoofingWhen the attacker alters the DNS server, the victim redirects to a faked website, that resembles the original one.
  • ARP SpoofingWith Address Resolution Protocol Spoofing, the attacker forged an ICMP packet to force the host to accept the new ARP response. The forged ARP Reply has a link to the hacker's MAC address with the victim's IP address, this helps in gaining access to any data sent.
  • HTTP Spoofing: HTTPS means the website is secure and safe, but during HTTP spoofing the victims are redirected to an unsecured website while the attacker is monitoring the communication.
  • SSL Hijacking: Secure socket layer, it's a protocol that establishes an encrypted connection between the victim and the server, during this attack, the attacker can use a secure server to intercept the communication between the two entities.
  • Wi-Fi Eavesdropping: This attack is often associated with public Wi-Fi, as an attacker is setting up a malicious Wi-Fi that resembles the legitimate one, then monitoring the victim's activity and intercepting the data.
  • Session Hijacking: Also known as Stealing browser Cookies, cookies are pieces of information stored in the browser during the session it's contained fruitful information like credentials, and banking data and even can see the victim's behaviour from the purchased items.

You might be interested in,

We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.

No comments:

Post a Comment