N/APosted on - 12/27/2014
What is a Man in the Browser Attack? Is it in some way connected to the more well known Man in the Middle attacks? How than is it different from Man in the middle attacks? As suggested by the name how the web is browser used to lodge the attack here?
What is a Man in the Browser attack?
Man-in-the-browser (MITB) is very much similar to man-in-the-middle (MITM). It is Trojan horse, it infects a web browser, it takes advantage of vulnerabilities of browser security. It modifies web pages, also modifies transaction content.
While modifying the transaction content, it’s completely invisible to both the user and host web application. Man-in-the-browser attack will be successful even if SSL/PKI or three factor authentication available. The perpetrator installs a Trojan horse on a victim's computer which is then capable of modifying that user's Web transactions as they occur in real time. To launch Man-in-the-browser attack is high technology and high cost. It is many times used for financial frauds. Mainly, Firefox and Internet Explorer are targeted for this attack.