DoubleDirect MitM attack targets Android

LoudRam

Silver Member
Joined
Dec 18, 2010
Messages
1,735
Reaction score
432
Location
Southern NJ
Current Phone Model
Samsung Z Flip 3
Security researchers have discovered a new type of "Man-in-the-Middle" (MitM) attack in the wild targeting smartphone and tablet users on devices running either iOS or Android around the world.
The MitM attack, dubbed DoubleDirect, enables an attacker to redirect a victim’s traffic of major websites such as Google, Facebook and Twitter to a device controlled by the attacker. Once done, cyber crooks can steal victims’ valuable personal data, such as email IDs, login credentials and banking information, and can also deliver malware to the targeted mobile device.
San Francisco-based mobile security firm Zimperium detailed the threat in a Thursday blog post, revealing that the DoubleDirect technique is being used by attackers in the wild in attacks against the users of web giants including Google, Facebook, Hotmail, Live.com and Twitter, across 31 countries, including the U.S., the U.K. and Canada.

More at link...

DoubleDirect MitM Attack Targets Android iOS and OS X Users
 
OP
LoudRam

Not a word in the article of what to look for to avoid this on mobile devices.
I found this in the original blog post. There is a link for it in the story I linked. If you're rooted you can stop this. I'm not rooted so I can't.

...On the mobile side, most Android devices (galaxy series) with the accept_redirect field enabled by default

To disable you need to root your device and execute:
# echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
 
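Added example, not part of the posts above or of the Zimperium blog: a POSIX shell check that reports, per interface, whether IPv4 ICMP redirects are effectively accepted. It applies the rule from the Linux kernel's ip-sysctl documentation, under which the `all` value is combined with each interface's own `accept_redirects` value depending on `forwarding`. The function names and the `CONF_ROOT` variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example: effective IPv4 ICMP-redirect acceptance per interface.
# Kernel rule (ip-sysctl documentation):
#   forwarding enabled  -> accepted only if conf/all AND conf/<iface> are 1
#   forwarding disabled -> accepted if conf/all OR conf/<iface> is 1

CONF_ROOT=${CONF_ROOT:-/proc/sys/net/ipv4/conf}  # hypothetical override, used for testing

read_flag() {            # print the file's value, or 0 if it cannot be read
    if [ -r "$1" ]; then cat "$1"; else echo 0; fi
}

effective_redirects() {  # usage: effective_redirects ROOT IFACE -> prints 1 or 0
    root=$1; ifc=$2
    all=$(read_flag "$root/all/accept_redirects")
    own=$(read_flag "$root/$ifc/accept_redirects")
    fwd=$(read_flag "$root/$ifc/forwarding")
    if [ "$fwd" = 1 ]; then
        if [ "$all" = 1 ] && [ "$own" = 1 ]; then echo 1; else echo 0; fi
    else
        if [ "$all" = 1 ] || [ "$own" = 1 ]; then echo 1; else echo 0; fi
    fi
}

audit_redirects() {      # usage: audit_redirects [ROOT] -> one "iface=state" line each
    root=${1:-$CONF_ROOT}
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue
        ifc=$(basename "$dir")
        # "all" and "default" are templates, not real interfaces
        case $ifc in all|default) continue ;; esac
        if [ "$(effective_redirects "$root" "$ifc")" = 1 ]; then
            echo "$ifc=ACCEPTS"
        else
            echo "$ifc=ignores"
        fi
    done
    return 0
}

# Audit the live system when the sysctl tree exists (Linux or Android shell).
if [ -d "$CONF_ROOT" ]; then audit_redirects "$CONF_ROOT"; fi
```

An interface listed as `ACCEPTS` while `all` is 0 still has its own `accept_redirects` set to 1 with forwarding disabled.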