Catching Transparent Phish: Analyzing and Detecting MITM Phishing Toolkits
Brian Kondracki, Babak Amin Azad, Oleksii Starov, Nick Nikiforakis
Abstract
For over a decade, phishing toolkits have been helping attackers automate and streamline their phishing campaigns. Man-in-the- Middle (MITM) phishing toolkits are the latest evolution in this space, where toolkits act as malicious reverse proxy servers of online services, mirroring live content to users while extracting cre- dentials and session cookies in transit. These tools further reduce the work required by attackers, automate the harvesting of 2FA- authenticated sessions, and substantially increase the believability of phishing web pages.
Topics & Concepts
PhishingMan-in-the-middle attackComputer scienceComputer securityServerSession (web analytics)World Wide WebAuthentication (law)The InternetSpam and Phishing DetectionAdvanced Malware Detection TechniquesUser Authentication and Security Systems