// THREAT DETECTION AND DATA PRIVACY TERM
MITB Attack
A Man-in-the-Browser (MITB) attack is a cyberattack where a Trojan horse infects a web browser to secretly intercept and manipulate data. This allows attackers to steal sensitive information like login credentials or alter financial transactions without the user or the website detecting it.
TECHNICAL DEFINITION
A Man-in-the-Browser (MITB) attack is a malware-driven proxy Trojan attack that compromises a victim's web browser to intercept and manipulate HTTP/HTTPS traffic between the user and a target website. This technique facilitates real-time data theft, session hijacking, and fraudulent transaction modification, primarily targeting financial institutions by exploiting browser vulnerabilities or malicious extensions.
SYNONYMS & ALIASES
- Man-in-the-Browser
- Browser-in-the-Middle
- MITB
- Browser Hijacking
- Proxy Trojan
- Session Hijacking
USAGE NOTE
This attack is particularly stealthy because it manipulates legitimate user sessions on the trusted endpoint, bypassing many network-level security controls.
DEVELOPERS
Organizations developing technology related to MITB Attack.
IBM acquired Trusteer, whose Rapport software is specifically designed to protect against Man-in-the-Browser (MITB) attacks by securing the communication between the user's browser and the websites of sensitive applications like online banking.
Zscaler's cloud security platform includes Browser Isolation, which executes web content in a remote, secure environment. This prevents malicious scripts used in MITB attacks from ever reaching the end-user's device.
Kaspersky's internet security products feature 'Safe Money' technology, a specialized protected browser environment that launches for financial transactions to prevent code injection and other MITB techniques.
Symantec's endpoint and web security solutions, now part of Broadcom, use behavioral analysis and web isolation to detect and block malicious browser modifications and script injections common in MITB attacks.
Menlo Security is a leading provider of browser isolation technology. Their platform renders all web content in the cloud, sending only safe, non-executable information to the user's browser, effectively neutralizing MITB threats.
Proofpoint offers a browser isolation solution that creates a secure, air-gapped environment for web browsing, preventing malware delivered via web pages from compromising the user's system or browser.
CrowdStrike's Falcon platform provides next-generation endpoint protection that can detect and prevent the malicious activity associated with MITB malware, such as unauthorized process injection into a browser or installation of malicious extensions.