An attack when a cybercriminal positions himself in the conversation between an application and a server. This type of eavesdropping attack interferes with the data transfer, allowing the perpetrator to intercept confidential data and inject malicious links in such a way that it seems legitimate to the application and server.