Netresec’s Erik Hjelmvik:
In short, this is how this Man-on-the-Side attack is carried out:
- An innocent user is browsing the internet from outside China.
The attack has ended, for now, but that doesn’t make this any less frightening. If you’re a big-ish website that hosts views contrary to the Chinese government’s liking, your website could get torpedoed. Or you could get caught in the crossfire.