Adversary-in-the-Middle (T1638)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Adversary-in-the-Middle

Associated Tactics

  • Collection

Collection (TA0035)

The adversary is trying to gather data of interest to their goal. Collection consists of techniques used to identify and gather information, such as sensitive files, from a target network prior to exfiltration. This category also covers locations on a system or network where the adversary may look for information to exfiltrate.

View on ATT&CK

Procedure Examples

Description Source(s)
Check Point Research Team. (2018, August 12). Man-in-the-Disk: A New Attack Surface for Android Apps. Retrieved October 31, 2023. mitd_checkpoint
Drozhzhin, A. (2018, August 27). Man-in-the-Disk: A new and dangerous way to hack Android. Retrieved October 31, 2023. mitd_kaspersky
Lee, A., Ramirez, T. (2018, August 15). A Security Analyst’s Guide to Network Security Configuration in Android P . Retrieved February 7, 2024. NSC_Android
Makkaveev, S. (2018, August 12). Man-in-the-Disk: Android Apps Exposed via External Storage. Retrieved October 31, 2023. mitd_checkpoint_research
NIST Mobile Threat Catalogue
NIST Mobile Threat Catalogue
NIST Mobile Threat Catalogue
NIST Mobile Threat Catalogue
NIST Mobile Threat Catalogue