Session hijacking

Session hijacking is an attack in which a legitimate user session is commandeered. In a session hijacking attack, a user’s activities are monitored, typically by a malicious browser component. When the user logs into his or her account or initiates a transaction, the malicious software “hijacks” the session to perform malicious actions, such as transferring money, once the user has legitimately established his or her credentials.

Session hijacking can be performed on a user’s local computer by malware, or remotely as part of a man-in-the-middle attack. When performed locally by malware, session hijacking can look to the targeted site exactly like a legitimate user interaction, because it is initiated from the user’s home computer.