Banking is an important part of everyday life, and it has to be secured in every way possible. A team of security researchers has discovered a critical bug in the system, codenamed “Man in the Middle Attack”. This flaw allows important credentials to be stolen easily. Researchers from the University of Birmingham identified this bug at the end of 2017. A Man in the Middle attack can be performed on any Wi-Fi network. Public Wi-Fi access points are more prone to data leakage, as anyone can access them.
What is Man in the Middle Attack?
The research team developed a tool for semi-automated security testing of mobile apps. To perform this attack, the victim and the hacker both have to be on the same Wi-Fi network. A Man in the Middle attack is a type of cyber-attack where a hacker inserts himself into a conversation between two parties. The attack can be used to capture data in real time and modify the actions sent/received by both parties. A bug in the security tech known as “certificate pinning” allows this flaw to be exploited.
Certificate pinning was meant to improve security. Instead, it now allows hackers to completely take over a victim’s online banking. This bug is already present in big banking apps like HSBC Bank, Santander, Allied Irish Banks, and NatWest. The tech is used in developing other online banking apps as well. This situation opens a big hole for hackers to decrypt, read and modify network traffic without any security notification.
How Man in the Middle Attack works
SSL pinning adds an additional security layer between hosts and devices to prevent this type of attack. The method works by checking the received copy of the certificate against the original copy saved on the server. An SSL connection works by verifying that the certificate is authentic and that it is the right one for the host server. Certificate pinning was strong enough to hide this flaw for a long time. Because they lacked a proper “hostname verification” process, the banking apps weren’t checking the source of the connection, that is, whether it came from a trusted or a rogue source.
It’s a huge flaw! If it is exploited, hackers are able to make payments or transfer funds. The banking apps of Santander and Allied Irish Bank even allowed rogue source(s) to take over a part of the app’s screen, thanks to another form of attack named “in-app phishing attacks”. A hacker could easily learn the username and password/PIN for future illegal usage.
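The difference between a pin check alone and a pin check combined with hostname verification can be modelled in a few lines. This is an added example, not code from the researchers' tool or from any banking app. It assumes the app pins the issuing certificate's key and that chain signatures have already been validated; the `Cert` type and all names and keys are constructed.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    """Simplified stand-in for an X.509 certificate (constructed model)."""
    dns_names: tuple  # subjectAltName DNS entries
    key: bytes        # stand-in for the SubjectPublicKeyInfo bytes

def pin_of(cert):
    return hashlib.sha256(cert.key).hexdigest()

def chain_matches_pin(chain, pins):
    """True if any certificate in the presented chain carries a pinned key."""
    return any(pin_of(c) in pins for c in chain)

def hostname_matches(cert, host):
    """Exact match, or a wildcard that covers only the left-most label."""
    host = host.lower().rstrip(".")
    for name in (n.lower() for n in cert.dns_names):
        if name == host:
            return True
        if name.startswith("*.") and host.partition(".")[2] == name[2:]:
            return True
    return False

def accept_pin_only(chain, host, pins):
    # Flawed: the hostname the app asked for is never compared to the leaf.
    return chain_matches_pin(chain, pins)

def accept_pin_and_hostname(chain, host, pins):
    # Hardened: the pin must match AND the leaf must be issued for this host.
    return chain_matches_pin(chain, pins) and hostname_matches(chain[0], host)

# Constructed sample data: one pinned issuer, two leaves it has issued.
ISSUER = Cert((), b"constructed-issuer-key")
BANK = Cert(("api.bank.example",), b"constructed-bank-key")
OTHER = Cert(("www.other.example",), b"constructed-other-key")
PINS = {pin_of(ISSUER)}

if __name__ == "__main__":
    for leaf in (BANK, OTHER):
        chain = [leaf, ISSUER]
        print(leaf.dns_names, accept_pin_only(chain, "api.bank.example", PINS),
              accept_pin_and_hostname(chain, "api.bank.example", PINS))
```

A test suite for a pinning implementation should include the second case: a chain that satisfies the pin but whose leaf names a different host must be rejected.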
What researchers say
Dr. Tom Chothia, a member of the research team, says that the flaw was hard to find, but they identified the weakness with their newly developed tool. He also added that it’s impossible to know if these flaws are already used, but not impossible. Chris McMahon said that their newly developed testing tools will help developers and penetration testers check for any security flaw against this Man in the Middle attack.
Researchers also suggest that users update their apps as soon as an update is available. In my opinion, it’s better to use your mobile data connection on the go, as the Man in the Middle attack works on Wi-Fi. Newer versions will include patches for this bug. Keep an eye on the app store for the update of your banking app.
The Man in the Middle attack is pretty nasty. However, devs are always working to ensure the best security possible. Until everything is confirmed safe, it’s better to follow these precautions.