Exam SY0-601 topic 1 question 135 discussion

On path attack is often known as man in the middle.

" eavesdropping " LISTENING IN..... MITM.....

Domain hijacking typically involves unauthorized changes to the registration of a domain name, redirecting traffic meant for a legitimate website to a different site controlled by the attacker. In this scenario, the attack involves eavesdropping on the user's activity and spoofing the IP address of the shopping site to intercept sensitive information, leading to unauthorized purchases. Therefore, the correct answer is an on-path attack, not domain hijacking.

In an on-path attack, also known as a Man-in-the-Middle (MITM) attack, the attacker intercepts and relays communication between two parties, making them believe they are communicating directly with each other. The attacker can eavesdrop on the communication and even modify the data transmitted between the parties. In this scenario, the attacker was eavesdropping on the user's online shopping session, and by spoofing the IP address associated with the shopping site, they could intercept the user's communication with the site. The attacker then modified the data, resulting in the user receiving an email regarding unusual purchases on their credit card statement, which the attacker may have initiated.

Based on the information provided, the attack that took place is a: A. On-path attack In an on-path attack (also known as a man-in-the-middle attack), the attacker intercepts and relays communication between two parties. In this scenario, the attacker eavesdropped on the user's communication with the shopping site and spoofed the IP address to trick the user into thinking they were communicating with the legitimate site while in reality, the attacker was in the middle of the communication. As a result, the attacker was able to obtain the user's credit card information and conduct unauthorized purchases, leading to the unusual credit card statement.

A. On-path attack. The attacker was able to intercept and manipulate the communication between the user and the shopping site by spoofing the IP address, leading to the interception of the user's credit card information.

Answer is B. DNS Highjacking and DNS spoofing/poisoning are the type of On-path attack. Now read this:- DNS spoofing/cache poisoning: This is an attack where forged DNS data is introduced into a DNS resolver’s cache, resulting in the resolver returning an incorrect IP address for a domain. Instead of going to the correct website, traffic can be diverted to a malicious machine or anywhere else the attacker desires; often this will be a replica of the original site used for malicious purposes such as distributing malware or collecting login information. In this question, IP spoofed and traffic diverted to the spoofed IP where attacker already craeted a replica copy of actual website. When use entered his/her credit card details, it was collected by attacker and then later on used user create card with collected information to make the purchase and then user received email with credit card statement.

If victim paid for example for shopping 50$ and it went to some other account then yes hijacking but there was many payments made for different stuff what suggests someone had his card details hence on-path attack

C. Domain hijacking Domain hijacking refers to the unauthorized acquisition of control over a domain name. In this case, the attacker was able to spoof the IP address associated with the shopping site, which means they were able to redirect traffic intended for the legitimate website to a different website under their control. This allowed the attacker to eavesdrop on the user while they were shopping online and potentially steal their credit card information. An on-path attack is an attack in which the attacker has control over a network along the path between the sender and the receiver. Protocol poisoning is a type of attack in which an attacker modifies a protocol message in an attempt to disrupt or subvert normal communication. Bluejacking is a type of attack in which an attacker sends unsolicited messages to Bluetooth-enabled devices. None of these attacks are directly related to the scenario described in the question.

Answer: On-path attack An On-path attack(Man in the Middle) occurs when an attacker place themselves between two devices (often a web browser and a web server) and intercept or modify communications between the two. In this question, the attacker was eavesdropping on the connection which means they placed themselves between the user and the shopping site and intercepted the communication. The attacker had likely captured credit card information or account information from the site to be able to make the purchases.

Man in the middle.

A, FYI, Domain hijacking is the act of changing the registration of a domain name without the permission of the original owner, or by abuse of privileges on domain hosting and domain registrar systems.

"Eavesdroppping" - On-Path

A: On-path (MTM) - attacker was eavesdropping on the communications, spoofed the IP of the shopping site that the victim thought was legit, a purchase was attempted, credit info intercepted.