2. What is MAN IN THE MIDDLE (MITM)
A man-in-the-middle (MITM) attack is a cyber attack where an attacker intercepts and potentially alters communication between two parties without their knowledge. The attacker positions themselves between the sender and the recipient, allowing them to eavesdrop on the communication or manipulate the data being transmitted. This attack can lead to unauthorized access, data theft, and other security breaches.
3. MITM
There are several other names used to refer to a man-in-the-middle (MITM) attack, which are often based on the specific techniques or variations of the attack. Here are a few common alternative names for MITM attacks:
4. MITM - INTERCEPTION ATTACK
This name emphasizes the attacker's ability to intercept and capture the communication between the sender and the recipient. It highlights the act of eavesdropping and unauthorized access to the transmitted data.
5. MITM - JANUS ATTACK
The term "Janus" refers to a two-faced Roman god, symbolizing deception. This name reflects the attacker's ability to deceive both parties involved in the communication by impersonating each one and manipulating the data in the middle.
6. MITM - SESSION HIJACKING
This name focuses on the attacker's objective of hijacking an established session between two parties. By gaining control of the session, the attacker can manipulate or inject their own commands or data into the ongoing communication.
7. MITM - BUCKET BRIGADE ATTACK
This name draws an analogy to a bucket brigade, where people pass buckets of water down a line to extinguish a fire. Similarly, in a bucket brigade attack, the attacker relays messages between the sender and the recipient, often altering or injecting their own content.
8. STORY
In March 2011, a hacker known as ComodoHacker successfully tricked one of Comodo's trusted resellers, a Registration Authority (RA), into issuing fraudulent SSL certificates for popular websites like Google, Yahoo, Skype, and Microsoft's Live.com. These certificates were used to authenticate secure connections between users and the targeted websites, making it possible for the attacker to intercept and decrypt supposedly secure communications.
9. STORY
By compromising the RA's systems and impersonating legitimate entities, the attacker was able to issue these unauthorized certificates. This enabled them to intercept user data, including login credentials, financial information, and private communications, leading to potential unauthorized access and data theft.
The attack was discovered when an observant user noticed a mismatch in the SSL certificate presented by Google. Comodo was alerted to the issue, and they promptly revoked the fraudulent certificates.
11. HOW TO PROTECT YOURSELF FROM A MITM ATTACK
1. Use secure networks and avoid public Wi-Fi whenever possible. Consider using a VPN for added security.
2. Ensure communication channels are encrypted and look for "https" and a padlock symbol.
3. Verify the authenticity of digital certificates presented by websites or applications.
4. Keep software and devices up to date to patch vulnerabilities.
5. Be cautious with email, links, and downloads, and watch for phishing attempts.
12. HOW TO PROTECT YOURSELF FROM A MITM ATTACK
6. Create strong, unique passwords and use a password manager.
7. Enable two-factor authentication (2FA) for added security.
8. Only download mobile apps from trusted sources and review permissions.
9. Install reputable anti-malware software and keep it updated.
10. Stay informed, be vigilant, and trust your instincts.
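Tip 3 and the Comodo story, as an added example that is not part of the original slides: a certificate mis-issued by a trusted CA passes normal chain validation, so this Python sketch also compares the presented certificate's SHA-256 fingerprint with one recorded out of band. The function names, the host `example.test` and the byte strings standing in for certificates are assumptions constructed for illustration.

```python
import hashlib
import hmac
import socket
import ssl


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def matches_pin(der_cert: bytes, pins) -> bool:
    """True if the certificate's fingerprint equals any pinned value.
    Pins may be written 'AB:CD:...' or 'abcd...'."""
    fp = fingerprint(der_cert)
    normalized = (p.replace(":", "").strip().lower() for p in pins)
    return any(hmac.compare_digest(fp, p) for p in normalized)


def fetch_leaf_cert(host: str, port: int = 443, timeout: float = 5.0) -> bytes:
    """Connect with normal CA-chain and hostname validation and return the
    server's leaf certificate as DER bytes."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def check_host(host: str, pins, fetch=fetch_leaf_cert):
    """Return (status, detail): 'untrusted' if chain validation fails,
    'pin-mismatch' if a CA-trusted certificate is not the pinned one, else 'ok'."""
    try:
        der = fetch(host)
    except ssl.SSLCertVerificationError as exc:
        return ("untrusted", str(exc))
    fp = fingerprint(der)
    return ("ok", fp) if matches_pin(der, pins) else ("pin-mismatch", fp)


if __name__ == "__main__":
    # Constructed stand-ins for DER certificates so the demo runs offline.
    known_good = b"constructed-known-good-certificate"
    misissued = b"constructed-misissued-but-CA-signed-certificate"
    pins = {fingerprint(known_good)}
    print(check_host("example.test", pins, fetch=lambda h: known_good))
    print(check_host("example.test", pins, fetch=lambda h: misissued))
```

A pin has to be updated whenever the site legitimately rotates its certificate, so a `pin-mismatch` result is a prompt to investigate, not proof of interception.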