LOGBOOK

HELP

Quiz Entry - updated: 2026.05.28

What is a Man-in-the-Middle (MITM) / Man-in-the-Browser (MITB) attack?

An attacker secretly inserts themselves between two parties to read or manipulate the traffic — MITB does it from inside the victim's browser.

In a Man-in-the-Middle attack, malicious code slips unnoticed between your computer and, say, your bank, taking control of the data flow — including the ability to manipulate transactions (not just eavesdrop). Man-in-the-Browser is a variant operating inside the browser itself, altering what you see and send.

A classic defence — out-of-band confirmation: the mTAN approach splits the transaction across two channels (internet + mobile network) and sends a confirmation (amount, partial recipient account number) to your phone. Since the attacker controls only the browser channel, you can catch a manipulated payment before it's sent.

Tip: MITM breaks both confidentiality (they read it) and integrity (they can change it). TLS with proper certificate validation is the front-line defence on the web.

From Quiz: ISF / Foundations, Key Terms & Ransomware | Updated: May 28, 2026