Adversary-In-The-Middle Attack (AitM)

13th May 2020 | Cybrary


An Adversary-in-the-Middle (AitM) attack, formerly referred to as Man-in-the-Middle, is a technical term for when a hacker positions himself in a conversation between a user and an application, either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway. The main goal of these attacks is to steal sensitive information from victims, such as login credentials for online accounts like email, banking, or a virtual private network.

Often these attacks occur on rogue Wi-Fi networks masquerading as a local business's real Wi-Fi. Unsuspecting users connect to the fake Wi-Fi network, and their traffic is intercepted and inspected for these juicy authentication details.

Fortunately, most websites now require HTTPS, which hides authentication information unless the hacker is using an HTTPS proxy combined with DNS spoofing. In these cases, the hacker can pretend to be the actual website you're attempting to log into; however, the SSL certificate can be a dead giveaway that something's amiss.

These types of attacks are often paired with phishing attacks that attempt to convince users to click malicious links or enter personal data on a fake webpage. These fake websites can have legitimate SSL certificates, which avoids the certificate issue mentioned earlier that comes with spoofing a legitimate website address in DNS.
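The certificate give-away described above can be checked from a script as well as by eye. The following is an added example, not part of the original article or its source: it connects with full verification, records the certificate actually presented, and compares it to a fingerprint recorded earlier on a trusted network. The function names, verdict strings and the idea of a recorded fingerprint are assumptions made for illustration.

```python
import hashlib
import hmac
import socket
import ssl
import sys


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 of the DER-encoded leaf certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def probe(host: str, port: int = 443, timeout: float = 5.0):
    """Return (verified, der_cert, error) for the certificate the server presents."""
    strict = ssl.create_default_context()  # verifies the chain and the hostname
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with strict.wrap_socket(sock, server_hostname=host) as tls:
                return True, tls.getpeercert(binary_form=True), None
    except ssl.SSLCertVerificationError as exc:
        error = exc.verify_message
    # Verification failed: reconnect without verification, only to record
    # which certificate was presented. No application data is sent.
    lax = ssl.create_default_context()
    lax.check_hostname = False
    lax.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with lax.wrap_socket(sock, server_hostname=host) as tls:
            return False, tls.getpeercert(binary_form=True), error


def assess(verified: bool, der_cert: bytes, pinned_hex: str) -> str:
    """Classify a probe result against a fingerprint recorded on a trusted network."""
    if not verified:
        return "untrusted-certificate"  # the give-away: a browser would warn here
    if not hmac.compare_digest(fingerprint(der_cert), pinned_hex.lower()):
        return "pin-mismatch"  # trusted chain, but not the certificate recorded earlier
    return "ok"


if __name__ == "__main__" and len(sys.argv) == 3:
    # usage: python check_cert.py <host> <recorded-sha256-hex>
    ok, der, err = probe(sys.argv[1])
    print(assess(ok, der, sys.argv[2]), fingerprint(der), err or "")
```

A `pin-mismatch` can also be a legitimate certificate renewal, so re-record the fingerprint from a trusted network before treating it as interception. A look-alike phishing domain with its own valid certificate passes verification, so this check covers only the spoofed-address case.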

Source: Imperva

Additional Reading:

  1. Man-in-the-Middle Attacks: A Growing But Preventable Mobile Threat
  2. WikiLeaks reveals CIA’s Man-in-the-Middle Attack Tool

What does this mean for an SMB?

As an SMB, there are some actions you can take to reduce the likelihood of becoming a victim of Adversary-in-the-Middle attacks. As with most cyber threats, being aware of the attack and where or how it is perpetrated is crucial. Therefore, educating employees on what an AitM attack is and how to protect themselves while on WiFi networks will help a great deal. Aside from user education and awareness training, here are a few things you can do:

  • Avoid public, unprotected WiFi networks;
  • Ensure websites you are using are secured with HTTPS;
  • Log out of applications when not using them;
  • Use a VPN to secure and encrypt your connection whenever dealing with sensitive information or transactions.

To learn more about AitM attacks, watch this short 3-minute video:

https://www.youtube.com/watch?v=DgqID9k83oQ
