Comments on Man in the Browser

Atif Mushtaq commented on 'Man in the Browser '

2010-04-01T21:06:39Z

Joshua,
Let me clear few things here. What I said was like this:

"Man in the Browser a.k.a MITB is a new breed of attacks whose primary objective is to spy on browser sessions (mostly banking) and in that process intercept and modify the web page contents transparently in the background"

MITB technique may be old, but modern malware actively using it, is something relatively new and this is what I was meant by saying "new breed of attacks" (not technique). Zbot recently added support for MITB attack, same is true for Torpig and Clampi. URLZone is also a very new malware, just discovered in late 2009.

Joshua Akira commented on 'Man in the Browser '

2010-04-01T13:38:57Z

Forgive the correction, but MITB has been around since the 90's at least. Remember the plethora of "free popup blockers" and other browser toolbars?

J Cooper commented on 'Man in the Browser '

2010-02-23T15:25:04Z

Instead of offering a rss link how about a potential solution?or a link to a potential solution?

L A commented on 'Man in the Browser '

2010-02-23T15:08:17Z

This technique might be 2 years old, but until it becomes so well known that even the bankers themselves know what to look for and become smarter about their browsing, then I will thank Atif Mushtaq
for his efforts and tell him to keep it up, as this will someday hopefully make its way to all bankers too!!!

Tom Welsh commented on 'Man in the Browser '

2010-02-23T14:58:24Z

Could the bank servers not refuse to open more than one session at a time? That is, if you have logged in, you should not be allowed to log in again until you have either logged out or timed out. That seems elementary, so what am I missing?

Oasisbob commented on 'Man in the Browser '

2010-02-23T03:55:18Z

Here's something I've always wondered: Why don't the trojans just steal the cookie which is set during the MFA registration process, record the credentials (keystroke logger), and use the combination to login from elsewhere?

I find it hard to imagine that a trojan like Zeus can't find a way to get at stored cookies, even if there isn't an explicit API exposed.

old commented on 'Man in the Browser '

2010-02-19T22:59:43Z

it's not new; this technique is at least 2 years old

IT Ninja commented on 'Man in the Browser '

2010-02-19T10:17:40Z

btw, the National Security Agency was recently hacked. Yes hacked! But it was downplayed to the media for obvious shameful reasons. Here’s the link :

http://pinoysecurity.blogspot.com/2010/02/wwwnsagov-hacked.html