Web Security Terms Defined: Rat in the Browser Attack (RitB)
A Rat in the Browser attack (RitB) is a variant of the Man in the Browser (MitB) attack where a Trojan is injected into the browser. The trojan becomes an invisible middleman to a web browsing session. Commonly used in bank account hacking, a Rat in the Browser session is very hard to detect as the web browsing session looks normal and doesn’t raise red flags. From the bank’s end, the device accessing the website is trusted and has a known IP address. Also, the bank can’t detect any automated scripts. On the other end, the user doesn’t detect any changes because the RitB attack is altering web pages in real time, making the site look normal.