An adversary-in-the-middle attack intercepts and relays authentication in real time between the user and the legitimate service. It is especially dangerous for OTPs because the attacker can capture the code while it is still valid and immediately use it to complete login.
Expanded Definition
An adversary-in-the-middle attack sits between a legitimate user or agent and the target service, relaying traffic in real time so the session appears normal while credentials, tokens, or OTPs are stolen. It differs from simple phishing because the attacker is actively proxying the interaction, not just collecting input.
In NHI environments, the same pattern can be used against SSO flows, device enrollment, agent approvals, and secret retrieval paths when an AI Agent or operator is tricked into authenticating through a counterfeit endpoint. Usage in the industry is still evolving, but the core risk is consistent: the attacker captures a valid authentication moment and reuses it before the session or token expires. Guidance on this attack class aligns with broader identity-resilience thinking in the MITRE ATLAS adversarial AI threat matrix and with defensive patterns that reduce exposed session value.
The most common misapplication is treating it as a password-only problem, which occurs when teams ignore session interception, MFA relay, and downstream token theft.
Examples and Use Cases
Implementing defenses against adversary-in-the-middle attacks rigorously often introduces authentication friction, requiring organisations to weigh stronger verification against user and automation latency.
- An operator receives a convincing login page, enters credentials and OTP, and the attacker immediately relays the session to the real SaaS console.
- An AI Agent is approved through a fake device or consent workflow, allowing the attacker to harvest the resulting access token and impersonate the agent.
- A service account recovery flow is intercepted during browser-based admin access, leading to secret exposure and unauthorized privilege escalation. The Top 10 NHI Issues highlights how weak identity handling turns one session compromise into broader NHI abuse.
- A third-party support login is proxied through a malicious reverse channel, letting the attacker observe both the initial authentication and the follow-on application session.
- Exposure can escalate quickly once credentials are in play, which is why NHIMG’s Ultimate Guide to NHIs — Key Challenges and Risks and the Anthropic — first AI-orchestrated cyber espionage campaign report both underscore how quickly an attacker can operationalize stolen access.
Why It Matters in NHI Security
Adversary-in-the-middle attacks matter because they defeat assumptions built into passwords, OTPs, and even some SSO flows. If a control depends only on the user proving possession once, the attacker can forward that proof and inherit the session. For NHIs, this is especially dangerous when agents, scripts, and automated workflows use browser-mediated approvals or long-lived tokens that can be replayed after interception.
NHIMG research shows the scale of identity weakness behind these events. In the Ultimate Guide to NHIs — Why NHI Security Matters Now, 80% of identity breaches involved compromised non-human identities such as service accounts and API keys. That matters here because interception often becomes the first step in broader NHI compromise, especially when secrets, tokens, or delegated access are reachable from the captured session. The 52 NHI Breaches Analysis and CISA cyber threat advisories both reinforce the practical lesson: identity interception is rarely the endpoint, only the entry point.
Organisations typically encounter token misuse, unauthorized admin actions, or unexpected API calls only after a session has already been hijacked, at which point adversary-in-the-middle becomes operationally unavoidable to address.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST SP 800-63 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-04 | Covers session and authentication weaknesses that enable relay and token theft. |
| NIST SP 800-63 | Digital identity guidance informs stronger authenticators and resistance to phishing. | |
| NIST Zero Trust (SP 800-207) | PS-3 | Zero Trust requires continuous verification after initial authentication is complete. |
Use phishing-resistant authenticators and reduce OTP-only reliance for sensitive access.
