The goal of most cyber criminals is to steal valuable information for users. Attacks can be directed at individual users, famous websites, or financial databases. Although the methodology is different in each situation, the end is always the same. One cyber threat increasingly targeted at mobile phones is what’s known as Man-in-the-Middle (MitM) attacks. Although not new, these are growing in sophistication and frequency.
In most cases, criminals try to insert some type of malware onto the victim’s computer or mobile device. Since this is the shortest route between them and the data they so desperately want. Just as the name suggests, This method introduces an intermediary (the cybercriminal or a malicious tool) between the victim and the source: an online banking page or an email account. These attacks are really effective and, in turn, very difficult to detect by the user, who is not aware of the damage they may suffer.
App developers can block these threats. However, 43% of app developers admit to taking shortcuts that compromise security, in the rush to get to market. Given this, mobile administrators must take strenuous steps to secure their mobile environments.
These attacks can be launched via various methods. One common one is to create an “evil twin” WiFi network that looks like the legitimate one they’re copying. Another is to take control of a secure network connection, undetected by the mobile and the secure network it’s connecting to.
In a nutshell, these attacks are carried out when a hacker gets between a mobile device and another data source that the mobile is trying to communicate with.
The hacker uses one of two approaches:
In the most common MiTM attack, a WiFi router is used to intercept user communications. This can be done by configuring the malicious router to appear legitimate or by attacking a bug in the router and intercepting the user’s session. In the first case, the attacker configures his computer or other device to act as a WiFi network, naming it as if it were a public network (of an airport or a cafeteria). Afterwards, the user connects to the “router” and searches for banking or online shopping pages, the criminal capturing the victim’s credentials to use them later.
In the second case, a criminal finds a vulnerability in the configuration of the encryption system of a legitimate WiFi and uses it to intercept the communications between the user and the router. This is the more complex method of the two, but also the most effective; since the attacker has continuous access to the router for hours or days. Also, you can snoop around sessions silently without the victim being aware of anything.
Generally, it is very difficult to detect when a MitM attack is being suffered, therefore, prevention is the first measure of protection. In order to minimize the risk of becoming the target of such an attack, you should carry out some specific actions:
If you or your organization have recently suffered an infection on your computers or work phones, or you suspect that you may have obtained due to strange behaviour, pop-up windows, advertising, etc, we at Cubed Mobile are here to help. With our team of trained cybersecurity professionals, rest assured that your sensitive data can be safe from pesky online criminals or invasive attacks.
Schedule a call with us to establish a secure, data fortress and create the best defense for any course of action!
Free for up to 5 users.
No credit card needed.