A Man In The Middle (MITM) attack is a type of cyber attack in which the attacker positions themselves between users and applications to steal sensitive information. The attacker’s main motive is to steal sensitive information such as login details, account details, and debit and credit card details. In most cases, the attackers set up a free malicious WiFi network and make it public.
They can use the victim’s data for different purposes, such as transferring money, stealing the user’s identity, and much more. This type of attack can be part of an Advanced Persistent Threat (APT). To learn more about APT, see: What is Advanced Persistent Threat APT?
We are writing this article for educational purposes. We don’t support hacking or any other illegal activities. If you get involved in any cyber attacks, we are not responsible for that.
Phases of Man In The Middle Attack
A Man In The Middle Attack (MITM) is carried out in two distinct phases: interception and decryption.
In the first phase, the victim’s traffic is routed through the attacker’s network before it reaches its intended destination. The attackers offer free malicious WiFi to users, and when a user connects to it, the attacker gets access to all of the victim’s data.
Once the victim connects to the attacker’s WiFi, the attacker may perform any of the following attacks:
1. IP spoofing
In IP spoofing, the intruder tries to disguise themselves as a user by modifying the IP address in the packet header information. As a consequence, victims who try to reach a URL connected to the application are sent to the attacker’s site.
2. DNS spoofing
DNS cache poisoning is another name for DNS spoofing. It involves infiltrating a DNS server and modifying the address record of a website. As a result, when the victim tries to access that website, the altered DNS record sends them to the attacker’s site.
3. ARP spoofing
In this type of attack, the attacker links their MAC address with the victim’s IP address by using fake ARP messages.
Next comes the decryption phase, in which the intercepted two-way SSL traffic has to be decrypted. Some methods are discussed below:
1. SSL BEAST
BEAST stands for Browser Exploit Against SSL/TLS. In this attack, the attacker targets the TLS version used in SSL and exploits a weakness in cipher block chaining (CBC).
2. HTTPS Spoofing
When the victim sends a request to access a secure website, the attacker sends a fake certificate to the victim in order to access all of the victim’s data.
3. SSL Hijacking
In SSL Hijacking, during the TCP handshake, the attacker passes forged authentication keys to both the user and the application. In this way, the attacker can easily intrude between the user and the application.
Man In The Middle Attack Prevention
After learning about the Man In The Middle Attack, it is important to learn how to prevent MITM. To block it, you need to practice several different methods. Let’s discuss some points to follow:
- If you find any public WiFi, avoid it. Never connect to an unknown password-free WiFi network.
- If you are not using a banking app or any other app, keep it logged out.
- If your browser claims that a particular website is not secure, pay attention to the warning. You’ll receive a notification about websites or servers that are not secure.
- Never use public WiFi while doing banking transactions.
- You should use trusted anti-virus and anti-malware websites.
Conclusion: Man In The Middle Attack WiFi
We hope you have learned about the Man In The Middle Attack definition, phases, and prevention. If you have any queries regarding this, you can ask in the comment section. We write articles based on our users’ requests. You can ask us to write on any specific topic.