What Is Sidejacking and How Is It Executed?

May 19, 2022

Sidejacking is a cyber-attack in which a malicious user takes over a legitimate user’s authenticated session with a website by intercepting and abusing their credentials. It’s also known as session or cookie hijacking and resembles the well-known Man-in-the-Middle attack.

The goal of intercepting and illicitly reading network traffic in this way is to steal the session cookie. Websites that require authentication through a username and password are the most common platforms on which sidejacking can be executed. These are abundant on the internet — including email accounts, social networks, and eCommerce sites.

Let’s dive into what this threat entails, how it is performed, and the different types of sidejacking based on session cookie theft.  

What Is Sidejacking?

Sidejacking is one of the more common security issues today. In a nutshell, an attacker obtains a session cookie and abuses it to impersonate the victim user.

The malicious user can thus perform any action the legitimate user could perform once logged in to the website. The repercussions of such impersonation can be grave — including identity theft, financial losses, sensitive data download, negative publicity, and more.
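Because a stolen session cookie is, by itself, indistinguishable from the legitimate one, a server can only notice the impersonation by looking at who presents the cookie. The following is an added example, not code from the article: a small detector that walks web-server access logs and flags a session id that is later presented from a different client fingerprint (IP address and User-Agent) than the one that first used it. The log format, the field names and the log lines themselves are assumptions constructed for the example.

```python
import re

# Constructed sample access-log lines (not from the article). Assumed format:
# timestamp, client IP, session cookie value, quoted User-Agent.
# Session 7f3a9c is first used by a Firefox client and then replayed from a
# different address by a curl client: the pattern a sidejacked cookie leaves.
# Session b41e02 only changes IP, which a roaming mobile client also does.
SAMPLE_LOG = """\
2022-05-19T10:00:01Z 198.51.100.23 sid=7f3a9c "Mozilla/5.0 (X11; Linux x86_64) Firefox/100.0"
2022-05-19T10:00:09Z 198.51.100.23 sid=7f3a9c "Mozilla/5.0 (X11; Linux x86_64) Firefox/100.0"
2022-05-19T10:01:30Z 203.0.113.77 sid=7f3a9c "curl/7.83.0"
2022-05-19T10:02:00Z 192.0.2.10 sid=b41e02 "Mozilla/5.0 (Windows NT 10.0) Chrome/101.0"
2022-05-19T10:02:45Z 192.0.2.11 sid=b41e02 "Mozilla/5.0 (Windows NT 10.0) Chrome/101.0"
"""

# Assumed log line layout; adjust the pattern to the real server's format.
LINE_RE = re.compile(r'^(\S+) (\S+) sid=(\S+) "([^"]*)"$')


def parse_line(line):
    """Parse one access-log line into a dict, or return None if malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, ip, sid, ua = m.groups()
    return {"ts": ts, "ip": ip, "sid": sid, "ua": ua}


def find_suspicious_sessions(log_text):
    """Return alerts for session ids presented from a client fingerprint
    (IP + User-Agent) that differs from the fingerprint that first used them.

    An IP change alone is reported as low severity (mobile clients roam);
    a User-Agent change is reported as high because a browser does not
    change its User-Agent in the middle of a session.
    """
    first_seen = {}   # sid -> record of the request that established the session
    alerts = []
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue  # skip unparseable lines rather than abort the scan
        sid = rec["sid"]
        if sid not in first_seen:
            first_seen[sid] = rec
            continue
        origin = first_seen[sid]
        changed = [field for field in ("ip", "ua") if rec[field] != origin[field]]
        if not changed:
            continue
        alerts.append({
            "sid": sid,
            "ts": rec["ts"],
            "changed": changed,
            "severity": "high" if "ua" in changed else "low",
            "origin": (origin["ip"], origin["ua"]),
            "seen": (rec["ip"], rec["ua"]),
        })
    return alerts


if __name__ == "__main__":
    for a in find_suspicious_sessions(SAMPLE_LOG):
        print(f'[{a["severity"]}] session {a["sid"]} at {a["ts"]}: '
              f'{", ".join(a["changed"])} changed from {a["origin"]} to {a["seen"]}')
```

Run against the constructed log, the script raises a high-severity alert for session 7f3a9c (both IP and User-Agent changed) and a low-severity one for b41e02 (IP only). In production the same rule belongs in the session store, where a mismatch can invalidate the session and force re-authentication instead of merely logging it.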

How Sidejacking Is Executed

Session sidejacking is categorized as CAPEC-102 by MITRE. It

