Categories: SecurityWorkspace

Universal Man In The Browser Attack Evolves To Take Data From Any Website

A dangerous Man in the Browser (MitB) attack has been spotted, and security experts have warned it can pilfer any data a user enters, regardless of what website they are on.

Standard MitB attacks typically collect information like login credentials and credit card numbers entered by the victim in a specific web site. MitB malware also requires the cyber criminal to do plenty of “post-processing” to parse the logs and extract the valuable data, security firm Trusteer noted.

“In comparison, uMitB [Universal Man in the Browser] does not target a specific website. Instead, it collects data entered in the browser at all websites and uses ‘generic’ real time logic on the form submissions to perform the equivalent of post-processing,” said Trusteer’s CTO Amit Klein.

Making Man In The Browser easy

“This attack can target victims of new infections as well as machines that were previously infected by updating the existing malware with a new configuration. The data stolen by uMitB malware is stored in a portal where it is organised and sold.”

The company warned that uMitB, as it is so simple to use and takes away a lot of the work for the hacker, could become a popular choice amongst fraudsters.  “For example, it could be used to automate card fraud by integrating with and feeding freshly stolen information to card selling web sites,” the company warned.

“The impact of uMitB could be significant since information stolen in real-time is typically much more valuable than ‘stale’ information, plus it eliminates the complexities associated with current post-processing approaches.”

At the heart of the problem is malware, which has to get onto the user’s machine before it can do any uMitB work. Users will have to hope their security protections block uMitB malware before it causes carnage.

See the video below from Trusteer on how these attacks can work:

How well do you know Internet security? Try our quiz and find out!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago