In a Man-in-the-Middle (MitM) attack, an attacker inserts himself into the communications channel between two trusting parties for the purpose of eavesdropping, data theft and/or session tampering. There are multiple ways an attacker can carry out the attack, depending on the setup and type of communications channel established.
One common example of a MitM attack is when an attacker on the internet intercepts communications between a client and a server, causing both sides to think they are communicating with one another, when in fact they are both communicating with the attacker. The attacker transparently relays data traversing the communications channel to the respective parties after reading it and/or tampering with it.
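A minimal in-process model of the relay described above, added here as an illustration and not part of the original page: it shows that a server with no integrity check accepts an altered message, that a message authentication code (HMAC) lets the server reject it, and that the relay still reads the plaintext in every case because integrity protection is not confidentiality. The pre-shared key, the message format and all function names are assumptions made for this example.

```python
import hashlib
import hmac
import os

def make_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 over the message, keyed with a secret the relay does not hold."""
    return hmac.new(key, message, hashlib.sha256).digest()

def relay(message: bytes, tag: bytes, tamper: bool):
    """In-path party: always sees the message, optionally alters it before forwarding."""
    observed = message  # eavesdropping needs no key
    if tamper:
        message = message.replace(b"amount=10", b"amount=9000")
    return message, tag, observed

def server_accepts_unauthenticated(message: bytes) -> bool:
    """A server without an integrity check cannot tell an altered message apart."""
    return message.startswith(b"transfer ")

def server_accepts_authenticated(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time; any change in transit fails."""
    return hmac.compare_digest(make_tag(key, message), tag)

def run(tamper: bool) -> dict:
    key = os.urandom(32)  # assumption: shared between client and server out of band
    sent = b"transfer to=alice amount=10"  # constructed sample message
    received, tag, observed = relay(sent, make_tag(key, sent), tamper)
    return {
        "altered_in_transit": received != sent,
        "accepted_without_mac": server_accepts_unauthenticated(received),
        "accepted_with_mac": server_accepts_authenticated(key, received, tag),
        "relay_read_plaintext": observed == sent,
    }

if __name__ == "__main__":
    for tamper in (False, True):
        print("tamper =", tamper, run(tamper))
```

A relay that only reads is invisible to the integrity check, which is why the eavesdropping case needs encryption and endpoint authentication as well.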
Another common example is what is referred to as a Man-in-the-Browser (MitB) attack, a form of MitM in which the attacker compromises the client web browser, typically with the aid of malware. Once the browser is controlled by the attacker, the attacker can steal data that is sent and received through it and alter what is being presented to the user and what is being communicated to the server. MitB attacks are commonly used to attack online banking services by stealing credentials and/or carrying out fraudulent transactions once the user is logged into his account.
There are eight types of Man-in-the-Middle attacks:
- DNS spoofing
- IP spoofing
- Wi-Fi eavesdropping
- HTTPS spoofing
- SSL hijacking
- Email hijacking
- Session hijacking
- Man-in-the-Browser