Man-in-the-Middle (MITM): HTTPS Spoofing
An adversary who has intercepted a secure communication attempts HTTPS spoofing to decrypt the traffic. In HTTPS spoofing, the adversary sends a rogue certificate to the victim’s browser once the initial connection request to a secure site is made. The certificate holds a digital thumbprint associated with the compromised application, which the browser verifies against an existing list of trusted sites. The adversary is then able to access any data entered by the victim before it is passed to the application.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.
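One detection-side check for the certificate substitution described above, as an added example that is not part of the original page: compare the SHA-256 thumbprint of each certificate a client was served against a per-host baseline of known-good thumbprints. The host names, byte strings and function names are constructed for illustration; the stand-in bytes are not real certificates.

```python
import hashlib
import hmac

def thumbprint(der_cert: bytes) -> str:
    """SHA-256 thumbprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()

def check_observation(baseline: dict, host: str, der_cert: bytes) -> str:
    """Classify one observed server certificate against the baseline.

    Returns "match", "mismatch" (known host, unexpected certificate) or
    "unknown-host" (no baseline entry, so nothing to compare against).
    """
    expected = baseline.get(host.lower())
    if not expected:
        return "unknown-host"
    seen = thumbprint(der_cert)
    # A host may have several valid thumbprints (e.g. during rotation).
    if any(hmac.compare_digest(seen, e.lower()) for e in expected):
        return "match"
    return "mismatch"

def review(baseline: dict, observations: list) -> list:
    """Return (host, thumbprint, verdict) for every non-matching observation."""
    findings = []
    for host, der in observations:
        verdict = check_observation(baseline, host, der)
        if verdict != "match":
            findings.append((host.lower(), thumbprint(der), verdict))
    return findings

# Constructed sample data: stand-in byte strings, not real certificates.
GENUINE = b"constructed-der-bytes-genuine"
ROTATED = b"constructed-der-bytes-rotated"
ROGUE = b"constructed-der-bytes-rogue"

BASELINE = {"app.example.test": {thumbprint(GENUINE), thumbprint(ROTATED)}}
OBSERVED = [
    ("app.example.test", GENUINE),
    ("APP.example.test", ROTATED),    # rotation already in the baseline
    ("app.example.test", ROGUE),      # certificate swapped in transit
    ("other.example.test", GENUINE),  # host with no baseline yet
]

if __name__ == "__main__":
    for finding in review(BASELINE, OBSERVED):
        print(finding)
```

In practice the DER bytes would come from the TLS handshake, for example `ssl.SSLSocket.getpeercert(binary_form=True)` in Python, and a "mismatch" verdict is a lead to investigate rather than proof of interception.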
Created: 30 December 2020
Last Modified: 04 January 2021