Published by Sherilyn Cameron. Modified over 8 years ago.
MAN IN THE BROWSER: Millions of Dollars Lost
TABLE OF CONTENTS
- Introduction
- Brief examples of Man in the Middle
- Defining MitB
- From infection to pay day
- Examples and effects of MitB attacks
- Solutions: what works vs. what does not
- Conclusion
MAN IN THE MIDDLE VS. MAN IN THE BROWSER
Man in the Middle: an attacker (the MitM) sits between two systems, intercepts the communication and can modify the data sent to either party (client and server).
"Solved problem from a banking perspective, but still a problem" - Gunter Ollmann
The man's primary target: money.
MAN IN THE MIDDLE
MAN IN THE MIDDLE VS. MAN IN THE BROWSER “Man-in-the-Browser is a form of Internet Threat related to Man-in-the-Middle (MitM), it’s a Trojan (sometimes called proxy Trojans) that infects a web browser and has the ability to modify pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host application.” - (OWASP)
FROM INFECTION TO PAYDAY
1. The Trojan infects the machine, through either the operating system or an application.
2. The Trojan installs itself into the browser configuration.
3. The user starts the browser.
4. The malware waits for a trigger: the browser loading a page from its list of target sites.
5. When triggered, the MitB extracts all data from the DOM.
6. The user fills in a transaction and starts sending it to the server.
7. The MitB modifies the values and tells the browser to submit the form to the server.
8. The server processes the form and generates a receipt.
9. The MitB detects the receipt and replaces the modified data with the user's original data saved earlier.
10. The browser displays the rewritten receipt showing the original data.
11. The user is fooled: the server processed the modified transaction while the user sees the one they intended.
FROM INFECTION TO PAYDAY
EXAMPLES AND EFFECTS
Assume you are the consumer: you process a transaction via PayPal and are attacked. Going through the steps shown previously, if you do not catch the changes to the web page, or the attack happens behind the scenes as a separate transaction, what happens next? Can you get your money back?
MitB Trojans: Zeus, Zbot, Adrenaline, Sinowal and Silentbanker.
Purchasing Zeus toolkits: $700 to $4000 USD for the newest version.
SECURITY METHODS INEFFECTIVE AGAINST MITB
These methods authenticate the user or the device rather than the transaction, and the Trojan acts inside the browser after authentication has already succeeded:
- Username and password
- Biometrics
- Gift card
- Mutual authentication
- OTP token
- Smart card, digital certificates
- Anti-virus or anti-malware applications (maybe)
- IP geolocation (passive safeguard)
- Device profiling (passive safeguard)
EFFECTIVE SOLUTIONS AGAINST MITB
- A separate corporate computer used solely for online banking
- A hardened browser on a USB drive
- OTP token with transaction signature, using an out-of-band (OOB) channel
- Fraud detection that monitors user behaviour
CONCLUSION
- Briefly explained Man in the Middle
- Explained Man in the Browser
- Steps from infection to pay day
- Some examples and effects
- Ineffective solutions and passive safeguards
- Effective solutions
REFERENCES
http://www.net-security.org/secworld.php?id=10154
http://www.bankinfosecurity.com/articles.php?art_id=3228
http://www2.futureware.at/svn/sourcerer/CAcert/SecureClient.pdf
http://www.owasp.org/index.php/Man-in-the-browser_attack
http://docs.bankinfosecurity.com/files/whitepapers/pdf/315_WP_MITB_March2010.pdf
http://www.rsa.com/node.aspx?id=1331
http://www.tricipher.com/threats/man_in_the_browser.html
http://threatpost.com/en_us/blogs/man-browser-inside-zeus-trojan-021910
http://www.net-security.org/malware_news.php?id=1600
OWASP
Gunter Ollmann: http://video.google.com/videoplay?docid=3041861094296331549&hl=en#
http://www.americanbanker.com/btn_issues/23_9/a-man-in-the-browser-shield-for-corporates-1024778-1.html
QUESTIONS?