IT CORNER
MAN IN THE MIDDLE ATTACK
A Man-in-the-Middle (MITM) attack is a type of cyberattack where the attacker secretly intercepts and relays messages between two parties who believe they are directly communicating with each other. This type of attack can be particularly dangerous as it allows the attacker to eavesdrop on the conversation, steal sensitive data, and even alter the communication.
How MITM Attacks Work
1. Interception: The attacker intercepts the communication between the
two parties. This can be done through various means such as unsecured
Wi-Fi networks, compromised routers, or malware on one of the devices.
2. Decryption: If the communication is encrypted, the attacker attempts to
decrypt it to read the messages. This may involve stealing or spoofing
cryptographic keys.
3. Injection: The attacker can modify the intercepted messages or inject
new ones, leading to misinformation or further exploitation.
Common Methods of MITM Attacks
1. Wi-Fi Eavesdropping: Setting up rogue Wi-Fi hotspots or compromising
existing ones to intercept data.
2. SSL Stripping: Downgrading the communication from HTTPS to HTTP to
make it easier to intercept and read.
3. DNS Spoofing: Redirecting traffic intended for a legitimate website to a
fake website controlled by the attacker.
4. IP Spoofing: Altering the source IP address of packets to make them
appear as though they are coming from a trusted source.
5. Email Hijacking: Intercepting or manipulating email communications to
deceive the victim.
Protecting Against MITM Attacks
1. Use Secure Connections
2. Enable Two-Factor Authentication (2FA)
3. Use VPNs
4. Regular Software Updates
5. Be Wary of Public Wi-Fi
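The following Python check is an added example, not part of the original article. It ties the SSL stripping method listed above to the "Use Secure Connections" advice by auditing a site's responses for the settings that keep browsers on HTTPS. The response dictionaries, the shop.example host, the function names and the 180-day threshold are constructed assumptions.

```python
MIN_MAX_AGE = 15552000  # assumed policy threshold: 180 days in seconds

def parse_hsts(value):
    """Return (max_age, include_subdomains) from a Strict-Transport-Security value."""
    max_age, include_sub = None, False
    for directive in (value or "").split(";"):
        name, _, arg = directive.strip().partition("=")
        name, arg = name.strip().lower(), arg.strip().strip('"')
        if name == "max-age" and arg.isdigit():
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    return max_age, include_sub

def audit_downgrade_exposure(http_resp, https_resp):
    """List the gaps that leave a site open to an HTTPS-to-HTTP downgrade.
    Each response is {"status": int, "headers": {name: str or list of str}}."""
    findings = []
    h_http = {k.lower(): v for k, v in http_resp["headers"].items()}
    h_https = {k.lower(): v for k, v in https_resp["headers"].items()}
    # 1. Plain HTTP should serve nothing except a redirect to HTTPS.
    redirected = http_resp["status"] in (301, 302, 307, 308)
    if not (redirected and h_http.get("location", "").lower().startswith("https://")):
        findings.append("http-not-redirected-to-https")
    # 2. HSTS (honoured only when received over HTTPS) stops later HTTP attempts.
    max_age, include_sub = parse_hsts(h_https.get("strict-transport-security"))
    if not max_age:  # absent, unparsable, or max-age=0 (which clears the policy)
        findings.append("hsts-missing")
    elif max_age < MIN_MAX_AGE:
        findings.append("hsts-max-age-too-short")
    if max_age and not include_sub:
        findings.append("hsts-no-includesubdomains")
    # 3. A cookie without Secure is still sent if the connection is downgraded.
    cookies = h_https.get("set-cookie", [])
    for cookie in ([cookies] if isinstance(cookies, str) else cookies):
        attrs = [a.strip().lower() for a in cookie.split(";")[1:]]
        if "secure" not in attrs:
            findings.append("cookie-without-secure:" + cookie.split("=", 1)[0].strip())
    return findings

# Constructed sample responses, not captured from a real site.
WEAK_HTTP = {"status": 200, "headers": {"Content-Type": "text/html"}}
WEAK_HTTPS = {"status": 200, "headers": {"Strict-Transport-Security": "max-age=3600",
              "Set-Cookie": ["session=abc123; Path=/; HttpOnly"]}}
GOOD_HTTP = {"status": 301, "headers": {"Location": "https://shop.example/"}}
GOOD_HTTPS = {"status": 200, "headers": {
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "Set-Cookie": ["session=abc123; Path=/; HttpOnly; Secure"]}}

if __name__ == "__main__":
    print(audit_downgrade_exposure(WEAK_HTTP, WEAK_HTTPS))
    print(audit_downgrade_exposure(GOOD_HTTP, GOOD_HTTPS))
```

An empty result means the site redirects to HTTPS, sets a long-lived HSTS policy and marks its cookies Secure; each finding names one setting to correct on the server.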