the network.



               Another popular method of installing malware uses a pay-per-install
               approach. Criminals pay website operators to host their malware,
               which is often a fake anti-malware program (also called rogueware).

               The website operators are paid for every installation initiated from
               their website. Payments vary, but in general, payments for successful
               installations on computers in the United States pay more.

               Although the majority of malware arrives from the internet, some is
               transmitted to systems via Universal Serial Bus (USB) flash drives.
               Many viruses can detect when a user inserts a USB flash drive into a
               system. It then infects the drive. When the user plugs it into another

               system, the malware infects the other system.


               Man-in-the-Middle Attacks

               A man-in-the-middle (MITM) attack occurs when a malicious user
               can gain a position logically between the two endpoints of an ongoing
               communication. There are two types of man-in-the-middle attacks.
               One involves copying or sniffing the traffic between two parties, which
               is basically a sniffer attack as described in Chapter 14. The other type
               involves attackers positioning themselves in the line of communication

               where they act as a store-and-forward or proxy mechanism, as shown
               in Figure 17.3. The client and server think they are connected directly
               to each other. However, the attacker captures and forwards all data
               between the two systems. An attacker can collect logon credentials and
               other sensitive data as well as change the content of messages

               exchanged between the two systems.