What is a man-in-the-browser attack?
Man-in-the-Browser is one of the most dangerous online security threats you are facing while you are browsing the web for online shopping or banking.
Imagine you’re trying to log into your online banking account. The login form will ask you to enter the user name and password. Rather than going to the page that you have requested, the site will ask more information like your debit or credit card information, social security number, driver’s license, and other sensitive personal information. You will notice that it has the same URL of your bank web site and it is the real bank website. As there is nothing to suspect you will be prompted to enter these information.
If you entered these information that you were asked to enter, you have likely become a victim of the Man-in-the-Browser malware.
Like most other attacks, Man-in-the-Browser or MitB starts from a malware infection. MitB malware infects users via all of the traditional methods such as email attachments, malicious links, or by visiting an infected website. The malware injects itself into the Web browser and silently waits until the victim visits specific websites like online banking or shopping. Both Firefox and Internet Explorer have been successfully targeted by the attackers. This attack mainly focuses on financial websites where they silently steal money from the victims. Although these financial websites are highly secured, this malware can penetrate the browser and can see everything that the user can see and more than that this malware has the ability even to do what user can do with the web application. It can alter or emulate real user’s interaction with the web application and can do fraudulent money transfers or payments from the user to the criminal. To the web application, the malware’s actions simply look like normal end-user behavior. The end user can not figure out the malware action as it hides records of fraudulent transfers in user’s transaction history.
A man in the browser attack is more difficult to prevent and disinfect. In order to avoid such attacks, always be alert when entering sensitive data in web applications. Specially, if you’re asked to fill in more fields on a web form than usual which normally do not asked by the site, this could be a malware attack. Ensure that all the applications on your PC especially your internet security program and your web browser are up to date and patched regularly as many of the malwares rely on users using vulnerable versions of software.
If you suspect you are victimized by a malware attack, check your bank account details. If you find something wrong with account details, inform your bank immediately over the phone and verify the transaction details. There is not much you can do once you are hit with a man-in-the-browser attack, but taking immediate actions will at least minimize the damage.