Understanding On-Path Attacks and Risks

May 25, 2025

On-Path Attacks Overview

On-path attacks, previously referred to as "man-in-the-middle" attacks, involve an attacker intercepting and potentially altering communications between two devices. These attacks are particularly dangerous because:

  • Invisible to Victims: The devices involved are unaware of the attack.
  • Information Interception: The attacker can view and modify data being exchanged.

ARP Poisoning

ARP poisoning is a specific type of on-path attack that exploits the lack of security in the Address Resolution Protocol (ARP).

How ARP Poisoning Works:

  • Network Requirements: Occurs on a local IP subnet; the attacker must be on the same subnet as the victim devices.
  • Process:
    • Devices communicate using MAC addresses resolved from IP addresses via ARP.
    • Normally, a device sends a broadcast to resolve an IP address to a MAC address.
    • The device caches the MAC address for future communications to avoid repetitive ARP requests.

Attack Execution:

  • Attacker Setup:
    • The attacker sends a spoofed ARP reply claiming that the IP address of a legitimate device (e.g., a router) maps to the attacker's MAC address.
    • This spoofed reply updates the victim's ARP cache with the attacker's MAC address.
  • Result:
    • Communication between devices gets routed through the attacker.
    • The attacker can monitor, modify, or disrupt communication.
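
One way a defender can spot the spoofed reply described above is to watch ARP replies and flag any that rebind an already-seen IP address to a different MAC address. This is an added example, not part of the original notes; the function names are hypothetical, and the addresses and sample packets are constructed.

```python
import struct

ARP_REPLY = 2                    # ARP opcode: 1 = request, 2 = reply
ARP_FMT = "!HHBBH6s4s6s4s"       # 28-byte ARP payload for Ethernet + IPv4


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Build an ARP payload; used here only to construct the sample data."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: bytes(int(x) for x in a.split("."))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       mac(sender_mac), ip(sender_ip),
                       mac(target_mac), ip(target_ip))


def parse_arp(payload):
    """Return (opcode, sender_mac, sender_ip), or None if not Ethernet/IPv4 ARP."""
    if len(payload) < 28:
        return None
    htype, ptype, hlen, plen, op, sha, spa, _tha, _tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, sha.hex(":"), ".".join(str(b) for b in spa)


def find_binding_changes(payloads):
    """Flag ARP replies whose sender IP was first seen with a different MAC."""
    bindings, alerts = {}, []
    for payload in payloads:
        parsed = parse_arp(payload)
        if parsed is None or parsed[0] != ARP_REPLY:
            continue                         # only replies are checked here
        _, mac, ip = parsed
        known = bindings.setdefault(ip, mac)  # first-seen MAC is the baseline
        if known != mac:
            alerts.append((ip, known, mac))
    return alerts


# Constructed sample: router .1, victim .20, and a second MAC claiming .1
ROUTER, VICTIM, OTHER = "02:00:00:00:00:01", "02:00:00:00:00:20", "02:00:00:00:00:66"
SAMPLE = [
    build_arp(1, VICTIM, "192.168.1.20", "00:00:00:00:00:00", "192.168.1.1"),
    build_arp(2, ROUTER, "192.168.1.1", VICTIM, "192.168.1.20"),
    build_arp(2, OTHER, "192.168.1.1", VICTIM, "192.168.1.20"),
    build_arp(2, VICTIM, "192.168.1.20", ROUTER, "192.168.1.1"),
]

if __name__ == "__main__":
    for ip, old, new in find_binding_changes(SAMPLE):
        print(f"ALERT: {ip} moved from {old} to {new}")
```

A binding change can also be legitimate (a replaced network card, a failover pair), so an alert is a prompt to compare against the known MAC of the gateway rather than proof of an attack.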

On-Path Browser Attacks

Also known as "man-in-the-browser" attacks, these involve malware on the victim's device acting as a proxy.

Characteristics:

  • Operates on Victim Device:
    • The malware can intercept traffic before and after it is sent to the network.
    • Because the malware sees data before it is encrypted and after it is decrypted, traffic that is encrypted on the network is also visible to the attacker.

Implications:

  • Credential Theft:
    • The malware captures sensitive information like usernames and passwords, especially during transactions like online banking.
    • The attacker can initiate actions using captured credentials without the victim's knowledge.

Attack Outcomes:

  • Unauthorized Transactions:
    • The attacker may transfer funds, make purchases, or perform other unauthorized actions with captured credentials.

Summary

On-path attacks are sophisticated and stealthy, posing significant risk to data security by:

  • Remaining undetected by victims.
  • Allowing attackers to capture, view, and modify sensitive data.
  • Enabling potential financial and data loss through unauthorized access.