dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
851
share rss forum feed


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

Universal Man in the Browser Attacks

New Type of MitB
»thehackernews.com/2012/10/univer ··· ets.html

Background:

Man-in-the-browser (MITB, MitB, MIB, MiB), a form of Internet threat related to man-in-the-middle (MITM), is a proxy Trojan horse[1] that infects a web browser by taking the advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host web application. A MitB attack will be successful irrespective of whether security mechanisms such as SSL/PKI and/or two or three-factor Authentication solutions are in place. A MitB attack may be countered by utilising out-of-band transaction verification, although SMS verification can be defeated by man-in-the-mobile (MitMo) malware infection on the mobile phone. Trojans may be detected and removed by antivirus software[2] with a 23% success rate against Zeus in 2009,[3] and still low rates in 2011.[4] The 2011 report concluded that additional measures on top of antivirus were needed.[4] A related, more simple attack is the boy-in-the-browser (BitB, BITB). The majority of financial service professionals in a survey considered MitB to be the greatest threat to online banking.[5] For online banking, using portable applications or using alternatives to Microsoft Windows like Mac OS X, Linux or mobile OSes may be the safest, especially when run from non-installed media.[6][7]

»en.wikipedia.org/wiki/Man-in-the ··· -browser
--
Gladiator Security Forum
»www.gladiator-antivirus.com/

The Snowman
Premium
join:2007-05-20
kudos:4
opps ! Had third thoughts about posting.

mysec
Premium
join:2005-11-29
kudos:4
reply to Name Game

Is it your understanding that the user must be already infected for this to work?

From the article:

This attack can target victims of new infections as well as machines that were previously infected by updating the existing malware with a new configuration.


And from the Wikipedia article:

Background:

Man-in-the-browser (MITB, MitB, MIB, MiB), a form of Internet threat related to man-in-the-middle (MITM), is a proxy Trojan horse[1] that infects a web browser by taking the advantage of vulnerabilities in browser security ...



----
rich


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:18

2 recommendations

reply to Name Game
Man-in-the-Browser malware scam goes universal

»www.csoonline.com/article/717979 ··· niversal

mysec
Premium
join:2005-11-29
kudos:4

1 recommendation


Thanks!

said by article :

... it recognizes form fields on any site visited by an infected user, ...

As usual, Klein wrote in the conclusion of his post that the best protection against such attacks is "to secure the endpoint against the root cause of these problems -- malware."




----
rich


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:18
You're welcome, mysec See Profile. I tweet stuff like this all week, alas there was this post.

redwolfe_98
Premium
join:2001-06-11
kudos:1
reply to Name Game
edited.. nevermind


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7
reply to Name Game