The impact of MitM attack

Jin Tong

Oct 5, 2025, 10:26:20 PM
to dev-secur...@mozilla.org

Hello everyone,

I'd like to discuss the potential impacts of a man-in-the-middle (MitM) attacker after a fraudulent certificate is issued. I hope someone can provide answers or recommend relevant materials addressing these questions:

  1. After a fraudulent certificate is discovered, how long does it typically take to remove the fraudulent certificate and the associated CA to eliminate potential MitM attacks?

  2. State-level MitM attacks often involve hijacking critical network nodes, suggesting such attacks typically exhibit geographic characteristics. Is it reasonable to assume that for most countries or regions, at least one victim node would escape the compromised environment within a day (e.g., by using a VPN or relocating their physical location)? If not, what would be a more accurate timeframe?

Sincerely looking forward to your reply,
Jin Tong