An unauthorized interception of network traffic. The man-in-the-middle (MITM) is the cybercrook, who typically intercepts a transmission between the user and a website at a poorly secured Wi-Fi hotspot, whether public or private. If the user is logging into a financial account, that data can be captured. Packets can also be modified going to the recipient and coming back with either side being unaware of the intrusion.
A man-in-the-middle attack can be used to intercept an encrypted message exchange and spoof the recipient into thinking the message is from a legitimate sender. In such a case, the attackers replace the public key from the original sender with their own public key in order to decrypt the message that will be sent back from the unsuspecting recipient. See
replay attack,
phishing,
public key cryptography and
ARP cache poisoning.