A Man-in-the-Browser (MitB) Attack is a type of
Man-in-the-Middle (MitM) Attack specifically involving a browser infected with some type of proxy malware. This malware allows an attacker to intercept or modify information sent from a user’s browser to a server, and works regardless of the existence of a two or three step authentication system for a web application. Such attacks are often carried out in an attempt to steal financial information by intercepting a user’s traffic to a banking site. Users who are under such an attack are rarely able to tell as are the web applications he or she is interacting with. The
Zeus Trojan is an example of malware that possesses MitB Attack capabilities.