Home Cybersecurity The Assault From The Man-in-the-Middle
Cybersecurity

The Assault From The Man-in-the-Middle

Share
The Assault From The Man-in-the-Middle
Share

In a photograph, the man in the middle might always be important, but in this case, it is not just that, it is dangerous, too! A Man-in-the-middle (MITM) refers to a flaw in the popular Ledger hardware crypto wallet programme that researchers discovered way back in 2018.

This flaw allowed hackers to change the destination address of bitcoin transactions and divert the victims’ cash to their own wallets. Users who thought hardware wallets like Ledger were the most secure way to hold their digital assets were disappointed by this revelation. 

But as the most recent revelation showed, any system that depends on key-agreement protocols and the storing and exchange of secrets is susceptible to man-in-the-middle assaults in some form. The best defence against MITM attacks is to utilise authentication mechanisms that do not require secrets.

How are MITM attacks conducted?

Cryptocurrencies like bitcoin use the blockchain, a distributed ledger of transactions, to transmit and hold funds. Every bitcoin transaction is delivered to a blockchain address that is secured by a set of encryption keys.

Any party can send money to an address using a public key that is accessible to everyone, and the address owner can transfer money to other parties using a secret private key.

A malicious actor penetrates two parties’ communication and steals or tampers with the information they communicate in an MITM attack. In the case of the Ledger wallet, malware deployed on the target computer modifies bitcoin transaction destination addresses to include the attacker’s wallet address instead.

Users must manually match the address presented on their computer with the one that displays on the Ledger’s display in order to detect and halt the attack.

Passwords, encryption keys, code signing keys, and other sensitive information that we use to identify and authenticate ourselves online have all been stolen by hackers using MITM attacks.

Because they give hackers the ability to pass as authorised individuals and carry out extremely harmful deeds like inserting malware into the web pages, data, and programmes that we access and exchange online, MITM attacks are particularly risky. 

Role of multi-channel tech to prevent MITM attacks

Man-in-the-middle attackers are aware that we depend on secrets to protect the authenticity of our identities and the confidentiality of our conversations. They will be able to act maliciously on our behalf if they are able to mimic us and obtain access to those secrets.

Hackers would have a more difficult time setting up man-in-the-middle attacks if there were a means to verify yourself, interact, and share information without having to divulge secrets.

Different parties can validate each other’s identities using different platforms which are available in the Market. zero-knowledge authentication without exchanging keys or disclosing sensitive information.

Passwords and keys are not stored in the platforms or their apps. Hackers are unable to execute man in the middle attacks without one single point of failure.

Platforms use a multichannel secret sharing technique that authenticates users piecemeal over many channels, such as SSL, Push notification, and encrypted mobile memory, to further protect sensitive processes.

This makes it impossible for potential attackers to impersonate the user because they would need to separately compromise each channel.

Many Platforms offer a user-friendly layout that is simple to navigate. The highest level of authentication assurance is maintained without requiring users to recall passwords or go through laborious steps in order to authenticate and authorise operations.

Share
Written by
Srinivasan Chari -

Dr. Srinivasan Gopal Chari’s educational odyssey is testament to his insatiable hunger for knowledge and a multidimensional perspective. His formal education spans disciplines such as Financial Markets, Social Media, Environmental Communication and Research papers.

Latest News

Singapore's Temasek Rules Out Crypto Investments, Plans To Triple AI Portfolio By 2031
News

Singapore’s Temasek Rules Out Crypto Investments, Plans To Triple AI Portfolio By 2031

Singapore’s Temasek has ruled out direct cryptocurrency investments and is prioritizing artificial intelligence (AI) as its long-term growth strategy. The $400 billion...

Tokenized Stock Transfers Double To $8.4B As On-chain Equities Gain Momentum
News

Tokenized Stock Transfers Double To $8.4B As On-chain Equities Gain Momentum

Transfers of tokenized stocks jumped 105% in the past month to $8.41 billion, showing growing demand for blockchain-based equity markets. Data from...

Trump-linked AI Financial Explores $15M Sale Of Core Business After WLFI Token Losses
News

Trump-linked AI Financial Explores $15M Sale Of Core Business After WLFI Token Losses

AI Financial Corporation, the Nasdaq-listed company formerly known as Alt5 Sigma, is reportedly exploring the sale of its core payments business for...

Russia Moves Closer To New Crypto Rules With Simpler Reporting Requirements
News

Russia Moves Closer To New Crypto Rules With Simpler Reporting Requirements

Russia is moving closer to a regulated cryptocurrency market after the State Duma’s Financial Markets Committee approved a revised crypto oversight bill...

Latest Blogs

Crypto Savings 101: How To Earn Passive Income From Stablecoins

Introduction Let’s imagine a hypothetical situation of wanting to sell Bitcoin after a big rally! Suppose you now have $10,000 in your...

How To Know What Drives The Price Of AI Tokens?

Have you ever wondered why some Artificial Intelligence (AI) tokens witness huge price rallies while others struggle to survive? Well, the AI...

5 Ways You Can Make Money From AI Tokens

AI Tokens are perhaps the hottest trend in the cryptocurrency market today and are most likely to become a major investment narrative...

Rise Of AI Memecoins: How AI Is Redefining Memecoin Trading

The world of cryptocurrency has always been full of surprises, but the rise of AI agents in memecoin trading is something new...

Related Articles

AI-enabled Fraud Detection In Digital Finance

Do you remember the last time you used an Automated Teller Machine(ATM)...

Crypto Security & Best Practices: How To Keep Your Crypto Safe: Everything You Should Know

Crypto Security and Its Importance Digital transformation has created financial opportunities through...

What is the Future of Cybersecurity Career & Jobs?

Plum Job Opportunities In Cybersecurity: Heydays Ahead Rewarding positions are waiting for...

6 Major Cybersecurity Challenges in Metaverse

Addressing Cybersecurity Challenges In Metaverse Metaverse is a virtual environment or a...