The Double Direct attack can be disastrous to mobile devices

Asked By 60 points N/A Posted on -
The Double Direct attack is putting iOS and Android users at risk. The Double Direct attack is known to be a man-in-the-middle attack? What happens in a man-in-the-middle attack? What could be the consequence of the Double Direct attack on the victim's cellphone or mobile devices?

Answered By 590495 points N/A #148811


DoubleDirect is a new type of MitM (Man-in-the-Middle) attack. This new Man-in-the-Middle attack was discovered by security researchers, and it is aimed at tablet and smartphone users running either iOS or Android. DoubleDirect allows an attacker to forward a victim’s traffic for major websites like Twitter, Facebook, and Google to a device that the attacker controls.

Once this is accomplished, the attacker can steal the victim’s important personal data like email IDs, login credentials (which include the username and password), and banking information. The attacker is also capable of sending malware to the victim’s device. According to Zimperium, a San Francisco-based mobile security firm, the DoubleDirect technique is being used in the wild across 31 countries.

Attackers used DoubleDirect against the users of web giants like Hotmail, Google, Live.com, Facebook, and Twitter. The 31 countries include the United States, the United Kingdom, and Canada. The DoubleDirect method uses ICMP (Internet Control Message Protocol) redirect packets to be able to change the routing table of a host.

This is actually used by routers to broadcast a machine that has a better route for a specific destination. Aside from the iOS and Android mobile operating systems that are being targeted by DoubleDirect, Mac OS X users are also being targeted. The good news is that PC users running Windows and Linux don’t have a problem, because these operating systems don’t allow ICMP redirection or forwarding packets that contain the malicious traffic, making them immune to the attack.
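For defenders, the ICMP redirect messages the answer describes can be spotted in captured traffic. The following is an added example, not part of the original answer: it parses raw IPv4 packets for ICMP type 5 (RFC 792) and marks redirects that do not come from the expected default gateway. The function names, the addresses, and the sample packets are constructed for illustration.

```python
import ipaddress
import struct

ICMP_REDIRECT = 5  # RFC 792 message type for "Redirect"

def parse_icmp_redirect(packet: bytes):
    """Return (sender, new_gateway, redirected_dst) for an IPv4 ICMP redirect, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or packet[9] != 1:  # IP protocol 1 = ICMP
        return None
    icmp = packet[ihl:]
    # 8-byte ICMP header followed by at least the 20-byte embedded IP header
    if len(icmp) < 28 or icmp[0] != ICMP_REDIRECT:
        return None
    sender = ipaddress.IPv4Address(packet[12:16])
    gateway = ipaddress.IPv4Address(icmp[4:8])           # "gateway internet address" field
    redirected_dst = ipaddress.IPv4Address(icmp[24:28])  # dst of the embedded original header
    return sender, gateway, redirected_dst

def flag_redirects(packets, trusted_gateway: str):
    """List every redirect seen; mark those not sent by the configured default gateway."""
    trusted = ipaddress.IPv4Address(trusted_gateway)
    alerts = []
    for pkt in packets:
        parsed = parse_icmp_redirect(pkt)
        if parsed is None:
            continue
        sender, gateway, dst = parsed
        # A spoofed source address defeats this comparison, so every redirect is reported.
        alerts.append({"sender": str(sender), "new_gateway": str(gateway),
                       "destination": str(dst), "unexpected_sender": sender != trusted})
    return alerts

def build_sample(src, gw, dst, icmp_type=ICMP_REDIRECT):
    """Build a constructed IPv4+ICMP packet for the demo (checksums left at zero)."""
    def ip_hdr(s, d, proto, total):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, proto, 0,
                           ipaddress.IPv4Address(s).packed, ipaddress.IPv4Address(d).packed)
    inner = ip_hdr("192.168.1.50", dst, 6, 40) + b"\x00" * 8
    icmp = struct.pack("!BBH4s", icmp_type, 1, 0, ipaddress.IPv4Address(gw).packed) + inner
    return ip_hdr(src, "192.168.1.50", 1, 20 + len(icmp)) + icmp

# Constructed sample traffic: one redirect from the gateway, one from another host, one echo.
SAMPLE_PACKETS = [
    build_sample("192.168.1.1", "192.168.1.254", "203.0.113.10"),
    build_sample("192.168.1.77", "192.168.1.77", "203.0.113.10"),
    build_sample("192.168.1.1", "0.0.0.0", "203.0.113.10", icmp_type=8),
]

if __name__ == "__main__":
    for alert in flag_redirects(SAMPLE_PACKETS, "192.168.1.1"):
        print(alert)
```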
