CAPEC 662 Adversary in the Browser (AiTB)

Stable Standard High Risk

Severity Very High

Description

{'xhtml:p': 'An adversary exploits security vulnerabilities or inherent functionalities of a web browser, in order to manipulate traffic between two endpoints.'}

Attack Execution Flow

Step 1

Experiment

The adversary tricks the victim into installing the Trojan Horse malware onto their system.
Conduct phishing attacks, drive-by malware installations, or masquerade malicious browser extensions as being legitimate.

Attack Techniques

Conduct phishing attacks, drive-by malware installations, or masquerade malicious browser extensions as being legitimate.

Step 2

Experiment

The adversary inserts themself into the communication channel initially acting as a routing proxy between the two targeted components.

Step 3

Exploit

The adversary observes, filters, or alters passed data of their choosing to gain access to sensitive information or to manipulate the actions of the two target components for their own purposes.

CAPEC 662 Adversary in the Browser (AiTB)

Description

Attack Execution Flow

Step 1

Attack Techniques

Step 2

Step 3

Mitigations

Use Strong, Out-Of-Band Mutual Authentication To Always Fully Authenticate Both Ends Of Any Communications Channel.

Ensure Browser Sessions Are Regularly Terminated And When Their Effective Lifetime Ends.

Limit User Permissions To Prevent Browser Pivoting.

Ensure Software And Applications Are Only Downloaded From Legitimate And Reputable Sources, In Addition To Conducting Integrity Checks On The Downloaded Component.

Leverage Anti-Malware Tools, Which Can Detect Trojan Horse Malware.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Parent CAPECs

Related ATT&CK Techniques

Browser Session Hijacking

CAPEC 662 Adversary in the Browser (AiTB)

Description

Attack Execution Flow

Step 1

Attack Techniques

Step 2

Step 3

Mitigations

Use Strong, Out-Of-Band Mutual Authentication To Always Fully Authenticate Both Ends Of Any Communications Channel.

Ensure Browser Sessions Are Regularly Terminated And When Their Effective Lifetime Ends.

Limit User Permissions To Prevent Browser Pivoting.

Ensure Software And Applications Are Only Downloaded From Legitimate And Reputable Sources, In Addition To Conducting Integrity Checks On The Downloaded Component.

Leverage Anti-Malware Tools, Which Can Detect Trojan Horse Malware.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Parent CAPECs

Related ATT&CK Techniques

Browser Session Hijacking

Iscriviti alla newsletter