By injecting forged messages to the remote server, attacker can truncate TLS connections over malicious networks. Exploiting most logical web applications vulnerabilities, Truncation attacks were mostly executed on casting votes in Helios elections, also taking full control over Microsoft live accounts & temporarily accessing to Google accounts. Attacker doesn’t rely on installing malware on client computers. But as long as he can be in the middle of client-server connection, he can take control over user’s account where user unknowingly remains logged-in. In that case server can excuse that it doesn’t receive original user’s log out request as man-in-the-middle performs forged actions.