(pressebox) Redwood Shores, CA, 07.02.2011 – Hackers are taking the tried-and-trusted phishing scheme to the next level with a rash of recent attacks utilizing what Imperva has dubbed as the „Boy-in-the-Browser“ (BitB) technique – details of which will be released in full at RSA next week.
Evolved from a phishing attack, but not as sophisticated as a Man-in-the-Browser (MitB) attack, hackers are using this BitB technique to reroute a user’s traffic to pass through an attacker-controlled server, such as a phishing site or a proxy to the legitimate online application.
Where MitB techniques have become popular to attack banking customers, Imperva has seen that BitB techniques have been used in ad fraud and on e-commerce sites. This technique is growing in popularity due to its easy execution and ability to remain undetected from anti-virus.