SSL stripping attack
(also SSL/TLS downgrade, HTTPS downgrade)
SSL stripping attack definition
An SSL stripping attack is a type of cyberattack in which hackers downgrade a device’s or network’s web connection to a less secure one. Specifically, if a device is using an HTTPS connection, which is the more secure type of connection, the hackers downgrade it to an HTTP one, which is less secure.
An SSL stripping attack leaves a device’s previously encrypted communication unencrypted. This prepares the device for a man-in-the-middle attack, in which a hacker sits in the middle of a conversation between two devices and monitors it. Thus, an SSL stripping attack enables hackers to eavesdrop on people’s private conversations.
Through an SSL stripping attack, hackers can steal private information and change data without permission and without anyone knowing. It is a robust attack that is not easy to spot and can be used on all kinds of websites, no matter how secure they are.
SSL stripping attack potential risks
Stolen data. An SSL stripping attack gives hackers access to all the data that users send to a website, because the messages are no longer encrypted and are readable by anyone. It therefore allows hackers to steal intellectual property and other sensitive data.
Fake transactions. With an SSL stripping attack, hackers can also send messages to a user in the website’s name. They can pass on false information and lead users to do what the hackers want instead of what the users should do, such as clicking on malicious links that install malware on their devices, and similar actions.
Infect other systems. Since an SSL stripping attack opens the way to a man-in-the-middle attack, it allows hackers to make other systems in the same network vulnerable by attacking only one.
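A site owner can check whether their own responses leave room for the HTTPS-to-HTTP downgrade described above. The Python code below is an added example, not part of the original page: it audits response headers for an HTTPS redirect and for HTTP Strict Transport Security (HSTS), a browser control this page does not cover. The host `example.test`, the sample responses and the one-year `MIN_MAX_AGE` threshold are constructed assumptions.

```python
from email.parser import Parser

MIN_MAX_AGE = 31536000  # one year, in seconds; an assumed policy threshold

# Constructed sample response heads (not captured traffic).
GOOD_HTTP = "HTTP/1.1 301 Moved Permanently\nLocation: https://example.test/\n"
GOOD_HTTPS = ("HTTP/1.1 200 OK\n"
              "Strict-Transport-Security: max-age=63072000; includeSubDomains\n")
WEAK_HTTP = "HTTP/1.1 200 OK\nContent-Type: text/html\n"
WEAK_HTTPS = "HTTP/1.1 200 OK\nStrict-Transport-Security: max-age=300\n"


def parse_response(raw):
    """Split a raw HTTP response head into (status_code, headers)."""
    status_line, _, header_text = raw.strip().partition("\n")
    return int(status_line.split()[1]), Parser().parsestr(header_text)


def hsts_max_age(headers):
    """Return the max-age of Strict-Transport-Security, or None if unusable."""
    value = headers.get("Strict-Transport-Security")
    if value is None:
        return None
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        if name.lower() == "max-age":
            try:
                return int(arg.strip('"'))
            except ValueError:
                return None
    return None


def downgrade_findings(http_raw, https_raw):
    """List reasons a visitor to this site could be left on plain HTTP."""
    findings = []
    status, headers = parse_response(http_raw)
    location = headers.get("Location", "")
    if status not in (301, 302, 307, 308) or not location.lower().startswith("https://"):
        findings.append("HTTP response does not redirect to HTTPS")
    # The redirect itself travels over HTTP, so HSTS is checked separately:
    # it tells the browser to skip the plain-HTTP request on later visits.
    age = hsts_max_age(parse_response(https_raw)[1])
    if age is None:
        findings.append("HTTPS response sends no usable HSTS header")
    elif age < MIN_MAX_AGE:
        findings.append("HSTS max-age %d is below %d" % (age, MIN_MAX_AGE))
    return findings
```

An empty list from `downgrade_findings` means both checks passed for the responses supplied; it says nothing about subdomains or about a visitor’s very first request to the site.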