Wednesday, February 22, 2012

Man-in-the-Browser Attack

The idea of a Man-in-the-Browser attack is similar to that of the traditional Man-in-the-Middle (MITM) attack, where a malicious third party sits between the client and the server and intercepts the traffic. It can be more dangerous, however, because of where the malware sits: inside the victim's system, acting like a legitimate process. That position gives the malware easier access to the abstractions of the application layer than a MITM attacker has. This is how trojans like Zeus manipulate online banking transactions and perform unauthorized transactions.

