An interception attack is one in which an attacker intercepts and alters the content of correspondence between two people without their knowledge. To accomplish this, the attacker takes a position between the two parties, creating a man-in-the-middle (MitM) attack.
Here are some methods used to intercept:
- Hijacking wireless communication
- Altering network traffic
- Taking advantage of flaws in communication protocols
- Hacking into network infrastructure
Though these methods may differ, the goal is the same: to listen to, alter, or forge the communication.
Examples of interception attacks
- Man-in-the-middle attack: The hacker takes a position between the two communicating parties. From there, the hacker can intercept their communication and messages, alter the content, or assume the identity of one of the parties involved.
- SSLStrip: An SSLStrip attack is a popular interception attack that targets the HTTPS communication protocol. It aims to deceive users into connecting to a less secure HTTP URL, redirecting them from the intended and secure HTTPS connection. Once there, the hacker can intercept and tamper with the traffic.
- Evil twin attacks: These attacks involve the hacker creating a rogue Wi-Fi access point that pretends to be a trusted network. Users unknowingly connect to these access points, allowing attackers to intercept and alter their data.
- DNS spoofing: The hacker tampers with the domain name system (DNS) to redirect users to malicious websites or intercept their communication. The attacker does this by modifying DNS responses, tricking users into believing they are visiting a legitimate website when they are in fact communicating with the attacker’s server.
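
The SSLStrip downgrade described above only works while the browser is still willing to load the site over plain HTTP; the standard defence is HTTP Strict Transport Security (HSTS, RFC 6797), which tells the browser to use HTTPS only. The following Python check is an added example, not code from the original page: it audits a response's `Strict-Transport-Security` header for policies that leave room for a downgrade. The names `parse_hsts`, `audit_response`, the `MIN_MAX_AGE` threshold and the sample responses are assumptions constructed for illustration.

```python
MIN_MAX_AGE = 15552000  # assumed threshold for this example: 180 days in seconds

def parse_hsts(value):
    """Parse a Strict-Transport-Security value; None means invalid under RFC 6797."""
    directives = {}
    for part in filter(None, (p.strip() for p in value.split(";"))):  # skip empty directives
        name, _, raw = part.partition("=")
        name, raw = name.strip().lower(), raw.strip()  # names are case-insensitive
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            raw = raw[1:-1]  # a value may be a quoted string
        if name in directives:
            return None  # each directive may appear only once
        directives[name] = raw
    max_age = directives.get("max-age", "")
    if not (max_age.isascii() and max_age.isdigit()):
        return None  # max-age is required and must be a non-negative integer
    return directives

def audit_response(scheme, headers):
    """Return a list of findings for one response (URL scheme plus header dict)."""
    value = {k.lower(): v for k, v in headers.items()}.get("strict-transport-security")
    if scheme != "https":
        return ["HSTS sent over http is ignored by browsers"] if value else []
    if value is None:
        return ["no HSTS header"]
    policy = parse_hsts(value)
    if policy is None:
        return ["malformed HSTS header"]
    findings, max_age = [], int(policy["max-age"])
    if max_age == 0:
        findings.append("max-age=0 clears the policy")
    elif max_age < MIN_MAX_AGE:
        findings.append("max-age too short")
    if "includesubdomains" not in policy:
        findings.append("includeSubDomains missing")
    return findings

# Constructed sample responses (not captured traffic): (scheme, headers).
SAMPLES = [
    ("https", {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
    ("https", {"strict-transport-security": 'MAX-AGE="300";'}),
    ("https", {"Strict-Transport-Security": "max-age=31536000; max-age=0"}),
    ("https", {"Content-Type": "text/html"}),
    ("http", {"Strict-Transport-Security": "max-age=31536000"}),
]

if __name__ == "__main__":
    for scheme, headers in SAMPLES:
        print(scheme, headers, "->", audit_response(scheme, headers) or "ok")
```

An empty findings list means the policy is present, well-formed, long-lived and covers subdomains; any finding marks a response after which a browser may still accept plain HTTP for that site.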