A dangerous Man in the Browser (MitB) attack has been spotted, and security experts have warned it can pilfer any data a user enters, regardless of what website they are on.
Standard MitB attacks typically collect information like login credentials and credit card numbers entered by the victim in a specific web site. MitB malware also requires the cyber criminal to do plenty of “post-processing” to parse the logs and extract the valuable data, security firm Trusteer noted.
“This attack can target victims of new infections as well as machines that were previously infected by updating the existing malware with a new configuration. The data stolen by uMitB malware is stored in a portal where it is organised and sold.”
The company warned that uMitB, as it is so simple to use and takes away a lot of the work for the hacker, could become a popular choice amongst fraudsters. “For example, it could be used to automate card fraud by integrating with and feeding freshly stolen information to card selling web sites,” the company warned.
“The impact of uMitB could be significant since information stolen in real-time is typically much more valuable than ‘stale’ information, plus it eliminates the complexities associated with current post-processing approaches.”
At the heart of the problem is malware, which has to get onto the user’s machine before it can do any uMitB work. Users will have to hope their security protections block uMitB malware before it causes carnage.
See the video below from Trusteer on how these attacks can work:
How well do you know Internet security? Try our quiz and find out!
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…