TraceSecurity

What is a Man-in-the-Middle attack?

Like pharming and phishing attacks, the goal of a man-in-the-middle attack is to gain access to confidential information. However, unlike phishing and pharming attacks, man-in-the-middle attacks have been designed to defeat two-factor authentication, also known as strong authentication. A man-in-the-middle attack is designed to pass all data from the end user to the legitimate web site while at the same time recording the entire transaction. With a man-in-the-middle attack, a user actually connects to the legitimate web server, however, they are connecting through a malicious server first. This server records everything the user does. In some cases, the man-in-the-middle attack will allow the user to log in, including authentication to a two-factor challenge, and then once the connection has been made, it will send a page to the user telling them that the site is unavailable, possibly for maintenance. While the user thinks the session is over, a malicious hacker can continue the already logged-in session. In this way, the malicious individual completely negates the authentication process.