Thursday, November 16, 2017

A man-in-the-middle (MITM) attack is a very popular method of hacking into a network. It is a type of cyber attack in which a hacker inserts himself into a conversation between two computer systems and gains access to the information that the two systems were trying to send each other. A MITM attack allows a hacker to intercept, send and receive data that is being transferred between two parties/computers. A MITM attack exploits the real-time processing of transactions, conversations or transfers of other data.

Example of MITM attack



What is a man-in-the-middle attack?



In the image above, you can see that the attacker has inserted himself into the connection between the client/user and the web application/server. Having intruded into the communication between the two endpoints, he can inject false information and intercept the data transferred between them.

What can an attacker do with a MITM attack?

Modifying sent information

For example, consider two people, Jack and Jill. Jack typed a mail: "Hi Jill, how are you? I've heard that you broke up with Tom. I was waiting for the right time to tell you something and I think today is the right day. I love you. Please meet me at CN cafe."
But when Jack sends the mail, it passes through the attacker, and the attacker can change the mail to something like "Hi Jill, Jack is such a stupid boy. Don't get into a relationship with him. I am Jerry and I am a good boyfriend for you."
Jill will get the modified e-mail and she will meet Jerry. In this way an attacker can inject false information.

Redirecting to another website

Suppose a person is connected to the same network where the attacker has inserted himself and is browsing the facebook.com website. The attacker can learn which website the person is browsing, redirect the person from facebook.com to a malicious website, and remotely install malicious applications on the device.

Capturing browser cookies

The attacker can capture browser cookies sent over an unencrypted network. He can also capture data packets if the person is browsing an unencrypted website. If the attacker can capture cookies, he can log into the person's online accounts or collect passwords, credit card details, etc.
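
The following is an added example, not part of the original post: a small Python check that a site operator could run over response headers to find cookies that would still travel over unencrypted HTTP, the situation described above. The function names and the sample headers are assumptions constructed for illustration.

```python
# Added example: audit response headers for settings that leave cookies
# exposed to interception. All header values below are constructed samples.

def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, attribute dict)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()  # attribute names are case-insensitive
    return name, attrs

def hsts_max_age(headers):
    """Return the HSTS max-age in seconds, or None if absent or malformed."""
    for key, value in headers:
        if key.lower() == "strict-transport-security":
            for directive in value.split(";"):
                k, _, v = directive.strip().partition("=")
                if k.lower() == "max-age" and v.strip('"').isdigit():
                    return int(v.strip('"'))
    return None

def audit(headers):
    """Return a list of findings for a list of (header, value) pairs."""
    findings = []
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if "secure" not in attrs:
            findings.append(f"{name}: no Secure flag, sent over plain HTTP too")
        if "httponly" not in attrs:
            findings.append(f"{name}: no HttpOnly flag, readable by injected script")
    age = hsts_max_age(headers)
    if age is None or age == 0:
        findings.append("no usable Strict-Transport-Security header")
    return findings

SAMPLE = [  # constructed response headers
    ("Set-Cookie", "sessionid=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "prefs=dark; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ("Content-Type", "text/html"),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A cookie without the Secure flag is attached to plain HTTP requests as well, which is where someone sitting on the network path can read it.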

How to get rid of a MITM attack?


  • Don't browse HTTP websites if you are connected to a public network.
  • If you see that someone is attacking you, quickly clear your browser cookies and history, log out of your online accounts and change their passwords.
  • Don't use personal information while you are connected to a public network.
  • Use WPA2 security on your personal router so that no one can hack into your network.
  • Always use HTTPS websites for your important work.
  • Don't connect to any free, suspicious public network.

Interactions susceptible to MITM attacks

  • Financial sites: between login and authentication.
  • Connections meant to be secured by public or private keys.
  • Other sites that require logins: where there is something to be gained by having access.
