But how would it grab any login stuff when the major social network sites enforces https?
I mean, unless it intercepts the certificate and injects its own root certificate (which browsers normally notices and warns about) it wouldn't be able to read the encrypted traffic.
[QUOTE=Lord Fear;47823716]But how would it grab any login stuff when the major social network sites enforces https?
I mean, unless it intercepts the certificate and injects its own root certificate (which browsers normally notices and warns about) it wouldn't be able to read the encrypted traffic.[/QUOTE]
Here is a very detailed explanation of how it is doing it.
[url]http://www.welivesecurity.com/wp-content/uploads/2015/05/Dissecting-LinuxMoose.pdf[/url]
[QUOTE=Jsm;47825347]Here is a very detailed explanation of how it is doing it.
[url]http://www.welivesecurity.com/wp-content/uploads/2015/05/Dissecting-LinuxMoose.pdf[/url][/QUOTE]
It seems the primary objective is to create new accounts instead of taking over yours.
However, it does attempt to take it over by hijacking the routers DNS and redirects it to their servers to make a man-in-the-middle attack.
Clever.
Sorry, you need to Log In to post a reply to this thread.
