ARP Spoofing Malware

ARP Spoofing is a technique that every security consultant will scare their clients with as a means to prove the point that nothing within the network is safe from eavesdropping. So what is it? ARP spoofing, also known as ARP poisoning, is a technique used to attack an Ethernet network. It allows an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether. Something that should be mentioned here from the outset; this is nothing new, ARP Spoofing is well known and understood in the security community, such an understanding has resulted in technologies being developed to combat the attack. What is new, however, is that malware authors have seen the potential of this attack and are starting to use it.