Man-in-the-browser

Man-in-the-browser ( MitB , MITB, MIB, MiB) is a form of attack on computer, in which a Trojan the browser infected the user, and then use the online banking or social networking perform alters the appearance of web pages and transactions independently can. In contrast to phishing , the user usually goes unnoticed by the malicious program, as the user is browsing the real pages of the provider, is correctly logged in and the unwanted transactions are displayed to the user like normal processes.

The man-in-the-browser attack is a special form of the man-in-the-middle attack .

Well-known Trojans that use this form of attack are Zeus , SpyEye , Carberp , Gozi , Emotet and Clampi .

Web links

"Universal Man in the Browser": data theft in real time at heise.de (article from October 5, 2012).
Man-In-The-Browser 101 or “it works as designed” (English)
Hackers outwit online banking identity security systems at bbc.co.uk (English)

Individual evidence

↑ ^a ^b ^c Concepts against Man-in-the-Browser Attacks (PDF; 185 kB) at futureware.at

[FWAT-1] Concepts against Man-in-the-Browser Attacks (PDF; 185 kB) at futureware.at