[Cryptography] that endangered species, the email mitm, spotted in the wild

John Levine johnl at iecc.com
Fri Dec 6 10:46:48 EST 2019


In article <1a5686c7-a505-fcc2-76e0-41974abee636 at iang.org> you write:
>
>Being one of those who has said repeatedly for decades that we got the 
>whole threat model thing precisely backwards, because there is 
>approximately zero evidence of that mythical beast, the MITM, can only 
>present myself for castigation - here's an actual MITM over email 
>spotted in the wild.  Which of course now justifies 3 decades of trying 
>and failing to secure email... We must try & fail harder.

This was a pretty low-tech MITM. Bad guy broke into one of the
parties' mail server, which remains depressingly easy, saw a
transaction in progress, then registered fake lookalike domains for
the two parties, sent an intro message from each fake domain to the
other real domain, and then did a totally manual MITM editing and
forwarding messages back and forth.

To a large degree this is due to the security hostile, excuse me, user
friendly design of most user mail programs.  They don't show you the
actual From: address on the message, only the comment which is
supposed to be the author's name but can actually be anything.  No
amount of crypto magic will help if the identifier in the UI shows you a 
random string totally controlled by the potentially hostile party.

Also, as it points out in the last paragraph, if you send a million
dollar wire transfer without verifying that the recipient is who you
think it is, what do you expect will happen?

FYI, this lookalike domain trick is a totally standard spear phishing
technique.  Sometimes they break in, sometimes they just poke around a
business' online info to guess who a supplier or customer would be.
The variation is more often substituting rn for m but it hardly
matters since people aren't very good at spotting minor variations
from what they're expecting.

R's,
John

PS: We are in the process of selling a house and every single message
from the broker says at the bottom never to accept payment
instructions by e-mail.
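An added example, not part of the post above or of any mail client: a small Python check that pulls the display name and the real addr-spec out of a From: header, then flags (a) a display name that itself looks like an address but differs from the actual one, and (b) a sender domain that is not a known partner domain or only looks like one after folding the kind of substitution the post mentions (rn for m). The partner domain list, the confusable table and the sample headers are constructed for the example.

```python
"""Flag From: headers that mimic a known correspondent.

Added example; not code from the mailing-list post. The partner domains,
the confusable table and the sample messages below are constructed.
"""
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed: domains this organisation actually corresponds with.
KNOWN_PARTNER_DOMAINS = {"example-supplier.com", "example-broker.com"}

# Visually confusable sequences folded to one canonical spelling before
# comparison. Assumption: this short table (rn for m, plus a few common
# digit/letter swaps) is enough for the demonstration; a production check
# would use a full confusables table.
_CONFUSABLES = [
    ("rn", "m"),
    ("vv", "w"),
    ("cl", "d"),
    ("0", "o"),
    ("1", "l"),
    ("3", "e"),
    ("5", "s"),
]


def skeleton(domain: str) -> str:
    """Normalise a domain so that lookalike spellings collapse together."""
    s = domain.lower().strip(".")
    for src, dst in _CONFUSABLES:
        s = s.replace(src, dst)
    return s.replace("-", "")  # dropped/added hyphens are another common trick


def classify_domain(domain: str) -> str:
    """Return 'known', 'lookalike' (same skeleton as a known domain but a
    different spelling) or 'unknown'."""
    if domain in KNOWN_PARTNER_DOMAINS:
        return "known"
    sk = skeleton(domain)
    if any(sk == skeleton(known) for known in KNOWN_PARTNER_DOMAINS):
        return "lookalike"
    return "unknown"


def check_from_header(raw_message: str) -> dict:
    """Parse the From: header of a raw RFC 5322 message and report findings."""
    msg = message_from_string(raw_message)
    display_name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    verdict = classify_domain(domain)
    findings = []

    if verdict == "lookalike":
        findings.append(f"sender domain {domain!r} is a lookalike of a known partner domain")
    elif verdict == "unknown":
        findings.append(f"sender domain {domain!r} is not a known partner domain")

    # The display name is free text; if it contains something that looks like
    # an address but is not the real addr-spec, the UI would mislead the reader.
    embedded = re.search(r"[\w.+-]+@[\w.-]+", display_name)
    if embedded and embedded.group(0).lower() != addr.lower():
        findings.append(
            f"display name shows {embedded.group(0)!r} but the actual address is {addr!r}"
        )

    return {
        "display_name": display_name,
        "address": addr,
        "domain": domain,
        "verdict": verdict,
        "findings": findings,
    }


if __name__ == "__main__":
    # Constructed sample headers for a quick run.
    samples = [
        "From: Alice <alice@example-supplier.com>\nSubject: invoice\n\nhello\n",
        "From: Alice <alice@exarnple-supplier.com>\nSubject: invoice\n\nhello\n",
        'From: "bob@example-broker.com" <bob@evil-mailer.test>\nSubject: wire\n\nhello\n',
    ]
    for raw in samples:
        result = check_from_header(raw)
        print(result["address"], "->", result["verdict"], result["findings"])
```

The check is deliberately header-only: it does not replace sender authentication, but it catches exactly the two things the post complains about (a display name that is not the address, and a domain one letter-pair away from the expected one) before a human has to spot them.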

