Beware Man-In-The-Middle Hacker Attacks

Dennis Faas's picture

In an effort to raise awareness, three professional hackers are attempting to prove that trusted web sites make you just as vulnerable to attack as known malicious web sites.

At the recent Black Hat and Def Con security conventions, three presenters brought to light a new wave of Internet attacks that operate much like a telephone tap on the communication between computers and trusted web sites.

"Man-in-the-Middle" Attack

This type of computer infiltration, known as a "man-in-the-middle" attack, occurs when an online deviant steals the data that is intended to be shared by the computer and the secure web site alone.

To become regarded as a "secure" online destination, web sites purchase Secure Sockets Layer (SSL) certificates that encrypt traffic and assure visitors that it is safe to enter confidential information.

The onus of security is really on those companies who peddle SSL certificates. Their task is to ensure that the person (or corporation) pursuing the certificate is the actual owner of a legitimate web site.

How to Tell if a Web Site has an SSL Certificate

A secure site is represented by a padlock icon which is located in the bottom right corner of a web browser. However, in newer web browsers like Mozilla Firefox v3.5, the URL changes color to blue if a site is using an SSL certificate. The change in color is likened to unlocking a padlock. Unfortunately, many people do not take notice of the change in color before divulging personal information.

This is where your browser steps in.

Almost all browsers are programmed to block information-seeking sites that do not have a valid SSL certificate. If a user attempts to override the block, the browser issues a statement warning of potential dangers, but gives the user the option to click through at their own peril.

Vulnerability in SSL

At the Black Hat and Def Con conventions, the three presenters acted as hackers to prove that such vulnerabilities exist, even in sites rendered "safe" by the browser.

The flaws are exposed once a hacker is able to infiltrate an SSL-certified network. Once in, the online deviant is able to set up an "eavesdropping post" that is used to capture credit card numbers, passwords and other sensitive data.

Browser Update Could be Malware

Worse yet, hackers are now able to assume control of the auto-update feature on unsuspecting computers and install malware directly from their infected source. The computer would believe the attack to be a routine update coming from a software manufacturer.

Analysts are calling for Microsoft and Mozilla to step up and equip their browsers with the latest features needed to remain one step ahead of hackers and their ever-evolving attack campaigns.
