I will write a few words about an attack (the last time I heard of it was almost 20 years ago, more or less) named MiTB (Man in the Browser) that has recently been gaining a certain wild popularity.

It is quite hard to detect (even if you are prolific in the cybersec sector) because it needs a very attentive analysis and looking in places where you normally wouldn’t.

So, the main key points of what this “thing” is capable of:

  • Manipulate transactions: basically you log in to your online bank and prepare a payment to someone. This “malware” (please allow me to use this term even if it is not strictly correct), without you noticing, is able to change the details of the payment (amount and recipient). And you even get the PDF confirmation with the data you provided!
  • Ability to modify/store what you see on a page
  • Remote activation: the attacker can disable it and launch it when needed

Now… the more interesting part: how to avoid this?
Considering the nature of the attack, there are not many ways to catch this bastard (luckily?).
So, it can infect your browser via the following methods:

  • A common virus (that attaches itself to the browser) masked as some office document or innocent application
  • Some browser extension presented on GitHub (or even on the official store)

So, for the technical people: always check the code of what you get!
For non-technical people: if this extension comes from an unknown source, avoid it. If it promises you beauty, richness and world peace, AVOID IT.
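
A starting point for that code check, as an added example that is not part of the original post: read the extension's manifest.json first and see what it is allowed to touch. The function name audit_manifest and the sample manifest are constructed for illustration; the manifest keys and permission names are the standard ones used by browser extensions.

```python
import json

# Permissions that let an extension read or rewrite pages and traffic.
RISKY_PERMISSIONS = {
    "webRequest": "can observe every request the browser makes",
    "webRequestBlocking": "can modify or block requests in flight",
    "scripting": "can inject scripts into pages",
    "debugger": "can attach to tabs and control them",
    "cookies": "can read session cookies",
    "nativeMessaging": "can talk to a program outside the browser",
}
# Match patterns that cover every site, including your bank.
BROAD_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def audit_manifest(manifest_text):
    """Return a list of review findings for one manifest.json (MV2 or MV3)."""
    manifest = json.loads(manifest_text)
    findings = []
    declared = []
    for key in ("permissions", "optional_permissions", "host_permissions"):
        declared += [p for p in manifest.get(key, []) if isinstance(p, str)]
    for perm in declared:
        if perm in RISKY_PERMISSIONS:
            findings.append(f"permission {perm}: {RISKY_PERMISSIONS[perm]}")
        elif perm in BROAD_PATTERNS:
            findings.append(f"host access {perm}: applies to all sites")
    for script in manifest.get("content_scripts", []):
        if BROAD_PATTERNS.intersection(script.get("matches", [])):
            files = ", ".join(script.get("js", []))
            findings.append(f"content script [{files}] runs on every page")
    return findings


# Constructed sample: a "coupon helper" that asks for far more than it needs.
SAMPLE_MANIFEST = """{
  "manifest_version": 3,
  "name": "Coupon Helper (constructed sample)",
  "permissions": ["storage", "scripting", "webRequest"],
  "host_permissions": ["<all_urls>"],
  "content_scripts": [{"matches": ["https://*/*"], "js": ["inject.js"]}]
}"""

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST):
        print("REVIEW:", finding)
```

A clean result here does not clear the extension; it only tells you which files and permissions to read first.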

Stay safe!