Cybersecurity Glossary

What is Adversary-in-the-Middle (AiTM)?

Written by IRONSCALES | May 29, 2026 12:00:00 PM

Adversary-in-the-Middle (AiTM) Explained

Adversary-in-the-Middle (AiTM) is a phishing technique that uses a reverse proxy to intercept authentication credentials and session tokens in real time, enabling attackers to bypass multi-factor authentication (MFA). The term originates from MITRE ATT&CK technique T1557, which describes adversaries positioning themselves between networked devices to intercept communications. In its modern application, AiTM specifically targets web authentication flows: the attacker deploys a proxy server between the victim and a legitimate login page, captures the session cookie issued after the victim completes the full authentication process (including MFA), and replays that cookie to gain authenticated access.

How Adversary-in-the-Middle Phishing Works

AiTM phishing attacks follow a consistent sequence that distinguishes them from traditional credential harvesting:

  • Phishing delivery. The victim receives a phishing email containing a link to what appears to be a legitimate login page. The link points to the attacker's reverse proxy server, which is reached through a domain designed to resemble the target service (a typosquatted or lookalike URL).
  • Proxy relay. The reverse proxy fetches the real login page from the legitimate service (such as Microsoft 365 or Google Workspace) and serves it to the victim. Every element of the page, including branding, form fields, and JavaScript, is relayed in real time. The victim interacts with what looks and functions exactly like the genuine login experience.
  • Credential and MFA capture. The victim enters their username and password, which the proxy forwards to the real service. When the service issues an MFA prompt (SMS code, authenticator app push, or TOTP), the victim completes it through the proxy. The proxy passes each response to the real service transparently.
  • Session cookie theft. After the victim successfully authenticates, the legitimate service issues a session cookie. The proxy intercepts this cookie before delivering the authenticated page to the victim. MITRE ATT&CK catalogs this behavior under T1539: Steal Web Session Cookie, which explicitly references reverse proxy frameworks as a session theft vector.
  • Account access. The attacker imports the stolen session cookie into their own browser, gaining full access to the victim's account without needing their password or MFA device. Because the session is already authenticated, no further verification is triggered.
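The sequence above leaves a detectable trace on the defender's side: the client that completes MFA and the client that later uses the issued session are not the same. The following is an added example, not IRONSCALES code or any product's detection logic. It assumes the identity provider logs, per session id, an MFA completion event and subsequent activity, each with a client IP and user agent; the log records, users, session ids and IP addresses below are constructed.

```python
"""Flag likely replay of a stolen session token in sign-in/activity logs.

Added example (not IRONSCALES code). It assumes the identity provider
logs, per session id, the MFA completion event and later activity, each
with a client IP and user agent. The events below are constructed.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Event:
    ts: datetime
    user: str
    session_id: str
    kind: str          # "mfa_success" for MFA completion, "activity" otherwise
    ip: str
    user_agent: str


@dataclass(frozen=True)
class Finding:
    user: str
    session_id: str
    auth_ip: str       # client that completed MFA
    use_ip: str        # client that later used the session
    minutes_after_mfa: float
    severity: str      # "high" if IP and user agent both changed, else "medium"


# Constructed sample log: documentation IP ranges, fictional users/sessions.
SAMPLE_EVENTS = [
    # sess-1: MFA from one client, session used minutes later from another
    Event(datetime(2024, 5, 1, 9, 0, 0), "alice", "sess-1", "mfa_success", "203.0.113.10", "Windows-Edge"),
    Event(datetime(2024, 5, 1, 9, 0, 30), "alice", "sess-1", "activity", "203.0.113.10", "Windows-Edge"),
    Event(datetime(2024, 5, 1, 9, 4, 0), "alice", "sess-1", "activity", "198.51.100.7", "Linux-Firefox"),
    # sess-2: consistent client throughout
    Event(datetime(2024, 5, 1, 10, 0, 0), "bob", "sess-2", "mfa_success", "192.0.2.5", "macOS-Safari"),
    Event(datetime(2024, 5, 1, 10, 5, 0), "bob", "sess-2", "activity", "192.0.2.5", "macOS-Safari"),
    # sess-3: IP changed but same user agent (could be mobile roaming)
    Event(datetime(2024, 5, 1, 11, 0, 0), "carol", "sess-3", "mfa_success", "192.0.2.20", "iOS-Safari"),
    Event(datetime(2024, 5, 1, 11, 20, 0), "carol", "sess-3", "activity", "192.0.2.21", "iOS-Safari"),
]


def detect_session_replay(events, window_minutes=60):
    """Return a Finding for each session used from a different IP than the
    one that completed MFA, within `window_minutes` of that MFA event."""
    window = timedelta(minutes=window_minutes)
    by_session = defaultdict(list)
    for e in events:
        by_session[e.session_id].append(e)

    findings = []
    for sid, evs in by_session.items():
        evs.sort(key=lambda e: e.ts)
        mfa = next((e for e in evs if e.kind == "mfa_success"), None)
        if mfa is None:
            continue  # no MFA completion recorded; nothing to compare against
        for e in evs:
            if e.kind != "activity" or e.ts < mfa.ts or e.ts - mfa.ts > window:
                continue
            if e.ip == mfa.ip:
                continue
            severity = "high" if e.user_agent != mfa.user_agent else "medium"
            findings.append(Finding(
                e.user, sid, mfa.ip, e.ip,
                (e.ts - mfa.ts).total_seconds() / 60, severity))
    return findings


if __name__ == "__main__":
    for f in detect_session_replay(SAMPLE_EVENTS):
        print(f"{f.severity:6} {f.user} {f.session_id}: MFA from {f.auth_ip}, "
              f"used from {f.use_ip} {f.minutes_after_mfa:.0f} min later")
```

The IP change is the hard signal; the user-agent change only raises severity, because a kit replaying the cookie from the attacker's own browser typically arrives with a different client fingerprint as well as a different address, while a legitimate mobile user who roams between networks keeps the same user agent. In production the IP comparison would normally be done at the ASN or geolocation level rather than on exact addresses, and the window tuned to the provider's token lifetime.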

AiTM Phishing Kits and the Threat Landscape

The proliferation of commercial and open-source AiTM phishing kits has made this technique accessible to attackers with limited technical skill. Three kits dominate the landscape:

Evilginx is an open-source reverse proxy framework that intercepts TLS connections and rewrites every reference to the legitimate domain across HTML, JavaScript, CSS, headers, and cookies. When Evilginx detects a successful authentication (by observing specific session cookies), it logs the captured credentials and tokens automatically.

EvilProxy packages the same reverse proxy approach as a managed phishing-as-a-service platform. Subscribers pay monthly fees for a web interface that handles campaign creation, target selection, and session retrieval. EvilProxy integrates anti-analysis features, including Cloudflare Turnstile challenges and VM detection, to evade security researchers.

Tycoon 2FA emerged as a major AiTM kit specifically targeting Microsoft Entra ID and Google Workspace accounts. It operates on the same proxy relay model but includes additional obfuscation layers designed to evade browser-based and network-based detection.

Microsoft documented a large-scale AiTM campaign that targeted over 10,000 organizations using reverse proxy infrastructure to steal session cookies and pivot into business email compromise operations. Attackers who capture a session cookie often move immediately to mailbox rule creation, internal phishing, and financial fraud, following the same playbook as traditional account takeover attacks.

Phishing-resistant authentication methods, particularly FIDO2 security keys and passkeys, counter AiTM attacks because the cryptographic handshake is bound to the legitimate domain. A reverse proxy serving the page from a different domain cannot complete the FIDO2 challenge, breaking the attack chain at the MFA step.
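The domain binding that defeats the proxy lives in two places in a WebAuthn assertion: the browser writes the origin of the page it actually loaded into clientDataJSON, and the authenticator data starts with the hash of the relying party ID the credential was registered under; both are covered by the authenticator's signature. The following is an added example, not IRONSCALES code and not any library's API. It models the relying party's origin and RP ID checks from the WebAuthn assertion verification steps; signature verification against the registered public key is omitted and noted where it would run. The origins, RP ID and challenge value are constructed.

```python
"""Why a proxied login cannot complete a FIDO2/WebAuthn assertion.

Added example (not IRONSCALES code). It models the relying party's
origin and RP ID checks from the WebAuthn assertion verification steps;
signature verification against the registered public key is omitted and
noted where it would run. Origins, RP ID and challenge are constructed.
"""
import hashlib
import json

EXPECTED_ORIGIN = "https://login.example.com"   # the only origin the RP accepts
RP_ID = "login.example.com"                      # relying party ID credentials are scoped to
CHALLENGE = "Y29uc3RydWN0ZWQtY2hhbGxlbmdl"      # constructed; normally random per ceremony


def make_client_data(origin: str, challenge: str) -> bytes:
    """What the browser produces as clientDataJSON: it fills `origin` itself
    from the page actually loaded, so a proxy's page gets the proxy's origin."""
    return json.dumps({
        "type": "webauthn.get",
        "challenge": challenge,
        "origin": origin,
        "crossOrigin": False,
    }).encode()


def make_auth_data(rp_id: str, flags: int = 0x05, counter: int = 1) -> bytes:
    """Minimal authenticator data: SHA-256(rpId) || flags || 4-byte sign counter."""
    return hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + counter.to_bytes(4, "big")


def signed_payload(auth_data: bytes, client_data_json: bytes) -> bytes:
    """Bytes the authenticator signs: authenticatorData || SHA-256(clientDataJSON).
    Because the origin sits inside clientDataJSON, editing it after the fact
    invalidates the signature the RP would check over these bytes."""
    return auth_data + hashlib.sha256(client_data_json).digest()


def verify_assertion_binding(client_data_json: bytes, auth_data: bytes,
                             expected_challenge: str = CHALLENGE):
    """Run the RP-side checks that tie the assertion to the legitimate site.
    Returns (accepted, reason)."""
    try:
        cd = json.loads(client_data_json)
    except ValueError:
        return False, "clientDataJSON is not valid JSON"
    if cd.get("type") != "webauthn.get":
        return False, "unexpected ceremony type"
    if cd.get("challenge") != expected_challenge:
        return False, "challenge mismatch (possible replay)"
    if cd.get("origin") != EXPECTED_ORIGIN:
        return False, f"origin mismatch: {cd.get('origin')!r}"
    if len(auth_data) < 37:
        return False, "authenticator data too short"
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash mismatch"
    if not auth_data[32] & 0x01:
        return False, "user presence flag not set"
    # A real RP now verifies the signature over signed_payload(...) with the
    # credential's registered public key and checks the sign counter.
    return True, "ok"


if __name__ == "__main__":
    auth = make_auth_data(RP_ID)
    for origin in (EXPECTED_ORIGIN, "https://login.example-com.net"):
        print(origin, verify_assertion_binding(make_client_data(origin, CHALLENGE), auth))
```

Run as a script it accepts the assertion from the real origin and rejects the one the browser would produce on a lookalike domain with an origin mismatch. In practice the ceremony usually fails even earlier: the browser refuses a WebAuthn request whose RP ID is not a registrable suffix of the page's own origin, so a proxied page on another domain cannot even ask for the credential, and if the page requested its own domain as RP ID the authenticator holds no credential for it. Either way there is no cookie to steal at the MFA step.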

Adversary-in-the-Middle Protection from IRONSCALES

IRONSCALES behavioral AI analyzes URL patterns, reverse-proxy indicators, and anomalous login page characteristics in phishing emails to detect AiTM campaigns that signature-based tools miss.
