Man-In-The-Middle Attacks | Different Types and Techniques

In this article we look at the man-in-the-middle (MITM) attack and the different types of MITM attacks.

Man-in-the-middle attacks (MITM) are common types of security attacks that allow attackers to eavesdrop on the communication between two targets.

Basically, it is a cyber-attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.

Let’s see an analogy:

Assume that there are three people: Chuck, Bob and Alice. Alice and Bob are talking to each other, but Chuck wants to know what they are talking about, and he also wants to stay unnoticed. So Chuck impersonates Bob when talking to Alice: Alice thinks she is talking to Bob, but in reality she is talking to Chuck. Chuck also sends messages to Bob while impersonating Alice. This way Chuck sits in the middle of the conversation between Alice and Bob and sees everything that is said. He is able to eavesdrop on the conversation between Alice and Bob while remaining anonymous.

[Figure: pictorial representation of a man-in-the-middle attack]

Now we know what a man-in-the-middle attack is. Let’s see the types of MITM attacks.

Types of MITM attacks

There are a total of 7 types of man-in-the-middle attacks:

  1. IP spoofing
  2. DNS spoofing
  3. HTTPS spoofing
  4. SSL Hijacking
  5. Email Hijacking
  6. Wi-Fi Eavesdropping
  7. Stealing Browser Cookies

Let’s discuss them one by one.

1. IP Spoofing

IP address spoofing is the act of falsifying the source IP address in the IP packet header. By spoofing an IP address, an attacker can trick you into thinking you’re interacting with a website or someone you’re not, perhaps giving the attacker access to information you’d otherwise not share.

2. DNS Spoofing

In DNS spoofing (also called DNS poisoning), the attacker alters DNS records so that the user is routed to a fake website or to a website controlled by the attacker.

The attacker intercepts traffic between the server and the user and changes the user’s DNS answers every time the victim browses the internet. Changing DNS means changing the destination IP address that a website’s name resolves to.


3. HTTPS Spoofing

One common method of attack is called HTTPS spoofing, in which an attacker uses a domain that looks very similar to that of the target website. The attacker can fool your browser into believing it’s visiting a trusted website when it’s not, and redirect your browser to an untrusted website to collect information.

4. SSL Hijacking

Also known as SSL stripping, this is another form of man-in-the-middle attack. It happens when a hacker manages to stage an SSL stripping scheme against the victim.

In SSL hijacking, the attacker uses another computer and a secure server to intercept all the information passing between the server and the user’s computer.

5. Email Hijacking

Email hijacking is another form of man-in-the-middle attack, in which the hacker compromises and gains access to a target’s email account. The attackers can then spoof the bank’s email address and send their own set of fake instructions to customers. This convinces the customer to follow the attackers’ instructions. As a result, an unwitting customer may end up putting money in the attackers’ hands.

6. Wi-Fi Eavesdropping

Also known as an “evil twin” attack, Wi-Fi eavesdropping is a type of man-in-the-middle attack that tricks unsuspecting victims into connecting to a malicious Wi-Fi network.

Attackers listen to traffic on public or unsecured Wi-Fi networks, or they create Wi-Fi networks with common names to trick people into connecting so they can collect all sorts of information.

7. Stealing Browser Cookies/Session Hijacking

Session hijacking, also known as cookie side-jacking, is the exploitation of a valid computer session. It is another form of man-in-the-middle attack, one which gives the hacker full access to the online account.

The session hijacking attack relies on the attacker’s knowledge of your session cookie. If the attacker has your session cookie, they can use your account to do all sorts of things.


These are the seven types of MITM attacks.

Now let’s see how to prevent these types of attacks.

How to prevent MITM?

  1. Force HTTPS - HTTPS lets you communicate securely over HTTP using a public-private key exchange. This prevents an attacker from making any use of the data he may be sniffing.
  2. Use end-to-end encryption.
  3. Only connect to secured Wi-Fi routers or use your wireless carrier’s encrypted connection.
  4. Be sure that your home Wi-Fi network is secure. Update all of the default usernames and passwords on your home router and all connected devices to strong, unique passwords.
  5. Be aware of new things happening in cybersecurity.
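For a site owner, "Force HTTPS" and protecting the session cookie from section 7 can be checked from the response headers. The following is an added example, not code from the original article: the finding names, the HSTS age threshold and the sample responses are constructed for illustration.

```python
import re

MIN_HSTS_MAX_AGE = 15552000  # 180 days; threshold chosen for this example

def parse_set_cookie(value):
    """Split one Set-Cookie header into (name, {lower-cased attribute: value})."""
    first, *attrs = [part.strip() for part in value.split(";")]
    name = first.split("=", 1)[0]
    return name, {k.strip().lower(): v.strip()
                  for k, _, v in (a.partition("=") for a in attrs if a)}

def audit_response(url, status, headers):
    """Audit one response; headers is a list of (name, value) pairs."""
    values = lambda name: [v for k, v in headers if k.lower() == name]
    findings = []
    if url.lower().startswith("http://"):
        # A plain-HTTP answer with no redirect leaves the user unencrypted.
        location = (values("location") or [""])[0]
        if status not in (301, 302, 307, 308) or not location.lower().startswith("https://"):
            findings.append("http-without-https-redirect")
        findings += ["cookie-set-over-http:" + parse_set_cookie(c)[0]
                     for c in values("set-cookie")]
        return findings
    # HSTS makes the browser refuse plain HTTP for this host on later visits,
    # which is the control that counters SSL stripping.
    hsts = values("strict-transport-security")
    match = re.search(r"max-age\s*=\s*\"?(\d+)", hsts[0], re.I) if hsts else None
    if not hsts:
        findings.append("hsts-missing")
    elif not match or int(match.group(1)) < MIN_HSTS_MAX_AGE:
        findings.append("hsts-max-age-too-short")
    for cookie in values("set-cookie"):
        name, attrs = parse_set_cookie(cookie)
        if "secure" not in attrs:      # cookie would also travel over plain HTTP
            findings.append("cookie-without-secure:" + name)
        if "httponly" not in attrs:    # cookie is readable by page scripts
            findings.append("cookie-without-httponly:" + name)
    return findings

# Constructed sample responses: a weak configuration beside a corrected one.
WEAK = [("Content-Type", "text/html"), ("Set-Cookie", "sid=abc123; Path=/")]
HARDENED = [("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
            ("Set-Cookie", "sid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax")]

if __name__ == "__main__":
    print(audit_response("https://shop.example/login", 200, WEAK))
    print(audit_response("https://shop.example/login", 200, HARDENED))
```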
