You rarely see a MITM attack in real life, but the Miami Heat (that’s a 2-time champion basketball team, for the foreign readers) big man Chris Andersen, known as ‘Birdman’ for his Mohawk and many tattoos, appears to have been the victim of one:
Andersen’s lawyer and agent, Mark Bryant, said his client was duped by a woman in Canada who sought a relationship and gifts and who threatened a female acquaintance of Andersen’s in California while impersonating the tattoo-covered fan favorite known as “Birdman.”
Bryant said neither Andersen nor his acquaintance realized they weren’t communicating with each other online or via cellphone texts but rather were communicating with the woman in Canada, who impersonated one to the other.
The article at Huffington isn’t clear about all the messy details; more oddly it calls the scam a “Catfishing Hoax” but that doesn’t seem appropriate because (as I understand it) in a Catfishing scenario the other person doesn’t exist. Here, it sounds like both parties existed but an intermediary was able to insert herself into their communications. The Man in the Middle (MITM) attack is one of the things that security professionals worry about a great deal when assessing purportedly secure communications mechanisms.
Please feel free to correct me in comments if I misunderstood something.
Update: Much clearer article at ESPN.com, Heat’s Chris Andersen cleared:
“We were always confident that Chris was innocent but we just couldn’t figure out what had happened,” Andersen’s lawyer, Mark Bryant, told ESPN.com. “It turned out that it was a Manti Te’o situation. It was Manti Te’o on steroids.”
Te’o, the former Notre Dame football star, was caught up in a scheme last year when several individuals created a fake person and started a relationship with Te’o over the Internet, something known as “catfishing.”
In Andersen’s case, a woman in the middle used social media to dupe two people without their knowledge, according to police.
The woman, identified by the Denver Post as Shelly Lynn Chartier of Easterville, Manitoba, posed as Andersen in electronic conversations with a woman in California. Then she posed as the California woman in electronic conversations with Andersen.
Along the way, police told Andersen, she made threats pretending to be Andersen and attempted extortion pretending to be the woman from California. Chartier was arrested by Canadian authorities in January.
…
“When they searched Chris’ house they were basically looking for an I.P. address,” Bryant said. “But it wasn’t there. They kept investigating but it took time because it ended up involving two countries.”
…
More than a year after sheriffs from Douglas County, Colo., searched Andersen’s home, they asked for a meeting with him. ….
… Using charts and slowly explaining their case, the authorities informed Andersen what had happened to him.
“It was right out of CSI with all the charts,” Bryant said. “When we walked in there both pretty hostile, it had been 15 months since this happened and we were cooperating but we hadn’t heard anything. Chris had a pretty good scowl.”
As the police started showing him what took place, Andersen unfolded his arms and then moved closer to the table. He and Bryant just looked at each other, stunned by what they were being told had taken place.
“When they searched Chris’ house they were basically looking for an I.P. address,” Bryant said. “But it wasn’t there. They kept investigating but it took time because it ended up involving two countries.”
You expect clear understandable details from one who thinks the above is logical?
And I’d lean more toward a double catfish than a single MITM, because (given limited facts exposed in your post) neither party ever really contacted the other – their connection never actually existed. When there is a MITM (say with your bank’s website), you HAVE an account, you HAVE contact with that bank – on other occasions – but it gets subverted THIS time. I can see it both ways, but my feeling is that if these people were strangers in reality, then there was never a connection to get in the middle of.
I took the part you quote to mean that they searched the house, investigated the phones/computers/routers looking for evidence that he had contacted the victim’s addresses and IP#, but never found it because his contacts were all with the MITM who had different addresses/IP#.
The two countries part just means international law enforcement cooperation can be slow in lower-priority cases.
The ESPN story in the update is clearer, and really does sound like a MITM, not a ‘double catfish’, exotic as that sounds.
But who knows.