Man-in-the-middle attack is a type of cyber attack whereby an attacker positions himself in a conversation between two computer users (or a user and an application) in a network. Attacker impersonates two users and captures information that the two users were trying to send to each other. A man-in-the-middle attack is when a malicious person in a particular network has successfully positioned himself in the middle of communication and able to intercept (view, capture or modify) whatever data communicated between two users.
The malicious purpose of man-in-the-middle attack is to steal confidential information, such as bank login details, online account details, credit card numbers and email id and login password. Information stolen during an man-in-the-middle attack could be used for many purposes that may include identity theft, illegal fund transfers, payment with stolen credit cards, etc.
Man-in-the-middle can also termed as Network sniffs or Eavesdropping attacks that happens when a malicious person position him/herself into a communication session between people or systems.
A man-in-the-middle attack involved three parties. The victim (usually any user in same network), another computer user or an application or server which the victim is trying to communicate, and the “man in the middle,” (malicious person) who is intercepting the victim’s communications.