What Is Browser-in-the-Middle Attack?

A Browser-in-the-Middle (BitM) attack occurs when an attacker intercepts and manipulates communication between a user's web browser and the website they are attempting to visit.

Always Automate, Nothing To Manage

Always automated.

Nothing to manage.

Leave Training & Simulated Phishing to us.

A Browser-in-the-Middle (BitM) attack occurs when an attacker intercepts and manipulates communication between a user's web browser and the website they are attempting to visit. Unlike traditional man-in-the-browser malware, BitM attacks trick victims into using an attacker-controlled transparent browser to access legitimate websites, capturing credentials and session tokens in real-time while bypassing multi-factor authentication.

How does browser-in-the-middle attack work?

BitM attacks work by substituting the victim's browser with a transparent browser hosted on the attacker's platform and delivered through VNC-based tooling such as noVNC.

Social engineering delivery

The attacker sends a malicious link via phishing email, sponsored search ads, SMS, or social media, according to AdminByRequest in 2024.

Transparent browser deployment

The victim clicks the link and views the legitimate website through the attacker-controlled browser environment. The attacker's VNC server is configured to run a browser in kiosk mode, so when the victim follows the link they see the login screen of the targeted service and log in as normal. The noVNC client connects to the VNC server directly from within the victim's browser, making the substitution seamless and nearly invisible, according to Franco Tommasi et al. in 2021.

Real-time credential capture

All user actions, including login credentials and multi-factor authentication responses, are captured by the attacker.

Session hijacking

The attacker gains full access to the authenticated session, bypassing MFA protections, according to Google Cloud Blog and Springer Nature Link in 2025.

Technical advantages over traditional phishing include no suspicious URLs to scrutinize, no certificate warnings, and no fake interface indicators, making detection extremely difficult for end users according to OWASP Foundation.

What is the origin and research history of browser-in-the-middle?

The BitM attack technique was first described in a 2021 paper by Franco Tommasi, Christian Catalano, and Ivan Taurino from the University of Salento's Dipartimento di Ingegneria dell'Innovazione, published in the International Journal of Information Security (Springer Nature Link, 2021). Their research demonstrated how noVNC could be used to perform phishing attacks by displaying legitimate login pages from the attacker's server on a victim's browser, effectively replacing the victim's browser with a transparent proxy.

In January 2023, MITRE formally recognized the BitM technique and included it in the Common Attack Pattern Enumeration and Classification catalog as CAPEC ID-701, providing standardized classification for security practitioners and researchers (MITRE CAPEC, 2023).

In May 2025, Mandiant published research on the Google Cloud Blog titled "BitM Up! Session Stealing in Seconds Using the Browser-in-the-Middle Technique," highlighting that BitM offers a pivotal advantage for attackers: the ability to reach any website in a matter of seconds with minimal configuration. Mandiant also disclosed the development of an internal BitM tool called Delusion, which enables operators to target specific applications without possessing prior knowledge about the authentication protocols employed. Mandiant chose not to publish Delusion publicly due to weaponization concerns (Google Cloud Blog, 2025).

A 2024 comprehensive analysis published in the journal Security and Privacy (Wiley Online Library) examined BitM as a modern form of man-in-the-middle attack, analyzing how malicious actors inject scripts, hijack sessions, and manipulate data to gain unauthorized access through browser vulnerabilities.

How does browser-in-the-middle differ from other attacks?

Aspect                | BitM Attack               | Man-in-the-Browser        | Traditional Phishing
Detection Difficulty  | Very High (legitimate UI) | High (requires malware)   | Low-Medium (URL visible)
MFA Bypass            | Yes (real-time capture)   | Yes (malware access)      | No (requires credential entry)
Scalability           | Low-Medium (targeted)     | High (requires infection) | High (mass distribution)
User Interaction      | Clicking link required    | Passive (after infection) | Active (credential entry)
Session Token Capture | Real-time transparent     | Post-login exploitation   | Requires successful phishing

Why does browser-in-the-middle matter?

BitM attacks are recognized as an emerging threat, with academic research expanding significantly in 2024-2025. However, comprehensive industry-wide prevalence statistics are limited according to Wiley Online Library in 2024 and Springer Nature Link in 2025.

MFA effectiveness gap

Research from 2024 indicates BitM attacks are "currently highly capable of stealing login information protected by more than one factor" because they are harder to detect than comparable techniques, according to Wiley Online Library in 2024. Stealing the session token is equivalent to stealing the authenticated session, so an adversary no longer needs to complete the MFA challenge. This makes standard MFA methods, including SMS codes, TOTP applications, and push notifications, significantly less effective against BitM attacks (WeekendByte, 2025).

FIDO2/WebAuthn vulnerabilities

Recent 2025 research demonstrates BitM+ attacks (combining BitM with Reflected XSS vulnerabilities) can defeat FIDO2/WebAuthn hardware-based MFA solutions that were previously considered phishing-resistant according to Springer Nature Link in 2025 and Journal of Computer Virology and Hacking Techniques in 2025.

Scalability limitations

BitM attacks are "unlikely to scale well enough for large-scale phishing attacks aiming at a broad variety of users" due to infrastructure requirements, but remain highly effective for targeted attacks against high-value accounts according to Wiley Online Library in 2024.

Rapid targeting capability

According to Mandiant's 2025 research, a pivotal benefit of employing a BitM framework lies in its rapid targeting capability. Once the transparent browser infrastructure is established, an operator can target any web application in seconds with minimal configuration, eliminating the need to build custom phishing pages for each target service (Google Cloud Blog, 2025).

What are the limitations of browser-in-the-middle?

Infrastructure requirements

BitM attacks require significant technical infrastructure including transparent browser hosting and VNC implementation, making them resource-intensive compared to traditional phishing.

Scalability constraints

Limited ability to conduct mass campaigns means BitM is most effective in targeted campaigns against high-value accounts.

Hardware security key detection

The standard BitM design initially fails to phish FIDO2 authentication because there is no WebAuthn API communication channel between the remote browser and the victim's authenticator, according to Springer Nature Link in 2025.

User suspicion

Extended browsing sessions through proxy infrastructure may exhibit subtle latency or behavioral anomalies detectable by sophisticated users.

Network monitoring

Organizations with robust network monitoring can identify suspicious VNC or RFB protocol traffic patterns.

Endpoint-level origin

Organizations must recognize that BitM threats originate from compromised endpoints rather than traditional network-layer vulnerabilities. This means network-level defense alone is insufficient, and security strategies must incorporate endpoint protection, access control, visibility, and user education to address the full attack surface (Portnox, 2024).
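The two points above (RFB traffic is a network indicator, but the real visibility gap is at the endpoint) can be turned into a concrete check. The following is an added example, not code from the original article or from any vendor it cites. It scans the first bytes of constructed TCP flow records for the RFB ProtocolVersion handshake (the fixed 12-byte string "RFB xxx.yyy\n" that both VNC client and server send) and falls back to a low-confidence port heuristic. The flow records, addresses, and the port 6080 websockify-style plaintext WebSocket are assumptions made for the demonstration.

```python
import re
from dataclasses import dataclass

# RFB ProtocolVersion handshake: exactly "RFB xxx.yyy\n" (12 bytes), sent by both peers.
RFB_VERSION = re.compile(rb"RFB (\d{3})\.(\d{3})\n")
VNC_PORTS = range(5900, 5910)   # conventional VNC display ports; a heuristic, not proof


@dataclass
class Flow:
    """One observed TCP flow. payload holds the first bytes seen (constructed sample data)."""
    src: str
    dst: str
    dst_port: int
    payload: bytes


def classify_flow(flow: Flow) -> tuple[str, str]:
    """Return (confidence, reason). 'high' only when the RFB handshake itself is visible."""
    window = flow.payload[:64]
    match = RFB_VERSION.search(window)
    if match:
        ver = f"{match.group(1).decode()}.{match.group(2).decode()}"
        if match.start() == 0:
            where = "at start of stream"
        else:
            # A non-zero offset means the handshake is wrapped, e.g. inside a WebSocket frame.
            where = f"at offset {match.start()} (framed, e.g. inside a WebSocket frame)"
        return "high", f"RFB {ver} ProtocolVersion handshake {where}"
    if flow.dst_port in VNC_PORTS:
        return "low", f"traffic to conventional VNC port {flow.dst_port} without a visible RFB handshake"
    return "none", "no VNC/RFB indicators in the inspected bytes"


def find_vnc_flows(flows: list[Flow]) -> list[tuple[str, str, str, str]]:
    """Flag flows worth an analyst's attention, high-confidence hits first."""
    order = {"high": 0, "low": 1}
    hits = [(f, *classify_flow(f)) for f in flows]
    hits = [h for h in hits if h[1] != "none"]
    hits.sort(key=lambda h: order[h[1]])          # stable sort keeps observation order within a tier
    return [(f.src, f.dst, conf, reason) for f, conf, reason in hits]


# Constructed sample flows (RFC 5737 documentation addresses), not captured traffic.
SAMPLE_FLOWS = [
    # Plain VNC: the handshake is the very first thing on the wire.
    Flow("10.0.0.15", "198.51.100.7", 5901, b"RFB 003.008\n"),
    # Server-to-client frame of a plaintext WebSocket (websockify-style) carrying the same
    # handshake: 0x82 = FIN + binary opcode, 0x0c = 12-byte payload, server frames are unmasked.
    Flow("198.51.100.7", "10.0.0.22", 6080, b"\x82\x0cRFB 003.008\n"),
    # TLS ClientHello to a VNC port: nothing readable, so only the port heuristic fires.
    Flow("10.0.0.31", "203.0.113.9", 5900, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),
    # Ordinary HTTPS: no indicator at all.
    Flow("10.0.0.40", "203.0.113.50", 443, b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"),
]


if __name__ == "__main__":
    for src, dst, conf, reason in find_vnc_flows(SAMPLE_FLOWS):
        print(f"[{conf}] {src} -> {dst}: {reason}")
```

In a real BitM deployment the victim's browser speaks RFB to the attacker's websockify proxy inside a TLS-wrapped WebSocket, so a passive network sensor sees only an HTTPS connection and the handshake bytes above are invisible. That is the practical reason the endpoint, the TLS-terminating proxy, or browser telemetry has to provide the visibility, as the paragraph above argues.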

How can organizations defend against browser-in-the-middle?

Hardware-based MFA

FIDO2/WebAuthn with hardware keys remains the most robust defense, though newer BitM+ variants require additional protections according to Springer Nature Link in 2025. FIDO2-based passkeys and hardware security keys are the recommended countermeasure because they verify the origin of the authentication request, binding the credential to the legitimate domain and preventing transparent proxy interception (WeekendByte, 2025).
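The origin binding described above is worth seeing as relying-party code. The following is an added example, not code from the original article, from Mandiant, or from the cited papers. It mimics the browser writing its real origin into clientDataJSON, the authenticator signing authenticatorData together with SHA-256(clientDataJSON), and the server checking type, challenge, origin, rpIdHash and user presence before the signature. The RP identity (login.example.com), the attacker origin, the credential key and the challenge are constructed, and a keyed HMAC stands in for the authenticator's asymmetric signature so the block runs without extra libraries; what matters is that the origin is under the signature, not the primitive.

```python
import base64
import hashlib
import hmac
import json

# Assumed relying party identity; replace with the real service's values.
RP_ID = "login.example.com"
RP_ORIGIN = "https://login.example.com"


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_authenticator_data(rp_id: str, user_present: bool = True, counter: int = 1) -> bytes:
    # authenticatorData = SHA-256(rpId) || flags || 32-bit signature counter
    flags = 0x01 if user_present else 0x00
    return hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + counter.to_bytes(4, "big")


def toy_sign(key: bytes, authenticator_data: bytes, client_data_json: bytes) -> bytes:
    # Stand-in for the authenticator's asymmetric signature (ES256 in practice):
    # a keyed MAC over authenticatorData || SHA-256(clientDataJSON).
    client_data_hash = hashlib.sha256(client_data_json).digest()
    return hmac.new(key, authenticator_data + client_data_hash, hashlib.sha256).digest()


def browser_get_assertion(key: bytes, origin_seen_by_browser: str, challenge: bytes) -> dict:
    # The browser, not the web page, records the origin it is actually on, so a
    # page cannot claim the ceremony happened somewhere else.
    client_data = json.dumps({
        "type": "webauthn.get",
        "challenge": b64url(challenge),
        "origin": origin_seen_by_browser,
    }).encode()
    auth_data = make_authenticator_data(RP_ID)
    return {
        "clientDataJSON": client_data,
        "authenticatorData": auth_data,
        "signature": toy_sign(key, auth_data, client_data),
    }


def verify_assertion(key: bytes, assertion: dict, expected_challenge: bytes) -> tuple[bool, str]:
    """Relying-party checks on clientDataJSON and authenticatorData, then the signature."""
    client_data = json.loads(assertion["clientDataJSON"])
    if client_data.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if not hmac.compare_digest(b64url_decode(client_data.get("challenge", "")), expected_challenge):
        return False, "challenge mismatch (stale or replayed assertion)"
    if client_data.get("origin") != RP_ORIGIN:
        return False, f"origin mismatch: assertion was produced on {client_data.get('origin')}"
    auth_data = assertion["authenticatorData"]
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash mismatch"
    if not auth_data[32] & 0x01:
        return False, "user presence flag not set"
    expected_sig = toy_sign(key, auth_data, assertion["clientDataJSON"])
    if not hmac.compare_digest(expected_sig, assertion["signature"]):
        return False, "signature does not cover the presented clientDataJSON"
    return True, "ok"


def demo() -> list[str]:
    key = b"constructed-credential-key"                           # constructed; real keys are asymmetric
    challenge = hashlib.sha256(b"server-issued-nonce").digest()   # constructed per-login challenge
    results = []
    # 1. Honest login: the browser is on the legitimate origin.
    results.append(verify_assertion(key, browser_get_assertion(key, RP_ORIGIN, challenge), challenge)[1])
    # 2. Proxied login: the ceremony ran on an attacker-controlled origin (constructed name).
    proxied = browser_get_assertion(key, "https://login-example.attacker.invalid", challenge)
    results.append(verify_assertion(key, proxied, challenge)[1])
    # 3. The proxy rewrites the origin field afterwards; the signature no longer matches.
    patched = dict(proxied)
    patched["clientDataJSON"] = proxied["clientDataJSON"].replace(
        b"https://login-example.attacker.invalid", RP_ORIGIN.encode())
    results.append(verify_assertion(key, patched, challenge)[1])
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Case 2 is the proxy-style phishing that origin binding defeats; in a classic noVNC BitM the WebAuthn call is made by the attacker's remote browser, which has no channel to the victim's authenticator at all, which is the limitation noted under "Hardware security key detection". Either way the relying party never accepts an assertion produced outside its own origin.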

Token binding

Token Binding v1.0 cryptographically binds security tokens to the TLS layer, mitigating token theft and MITM attacks. The recommended approach is to require Token Binding on FIDO2 authentication when available, according to Pen Test Partners and Silverfort Blog.

Token usage limits

Restrict OIDC tokens or SAML responses to single use only, preventing token replay attacks, according to Springer Nature Link in 2025.

Client certificates

Mandiant's 2025 research emphasizes client certificates as a critical defense for sensitive services. By requiring mutual TLS authentication, organizations ensure that even if an attacker captures session tokens through a BitM proxy, they cannot replay the session without the client-side certificate bound to the legitimate endpoint (Google Cloud Blog, 2025).
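The three controls above (binding a token to the TLS layer, single-use tokens, and client certificates) share one server-side mechanism: the token is only honored when presented over the same client identity it was issued to, and only once. The following is an added example, not code from the original article or from Mandiant, showing that mechanism with the SHA-256 fingerprint of an mTLS client certificate as the binding identity. The certificate bytes, subject, timestamps and lifetime are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional


class BoundTokenStore:
    """Issues short-lived, single-use tokens bound to a client identity.

    The binding identity is whatever the TLS layer can vouch for; here it is the
    SHA-256 fingerprint of the client certificate presented on the mTLS connection.
    """

    def __init__(self, ttl_seconds: int = 300):
        self.ttl = ttl_seconds
        self._records: dict[str, dict] = {}

    @staticmethod
    def binding_from_client_cert(cert_der: bytes) -> str:
        # Fingerprint of the DER-encoded client certificate seen by the TLS terminator.
        return hashlib.sha256(cert_der).hexdigest()

    def issue(self, subject: str, binding_id: str, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self._records[token] = {
            "subject": subject,
            "binding": binding_id,
            "expires": now + self.ttl,
            "used": False,
        }
        return token

    def redeem(self, token: str, presented_binding_id: str,
               now: Optional[float] = None) -> tuple[Optional[str], str]:
        """Return (subject, 'ok') or (None, reason). Every refusal is a distinct reason for logging."""
        now = time.time() if now is None else now
        record = self._records.get(token)
        if record is None:
            return None, "unknown token"
        if now > record["expires"]:
            return None, "expired"
        if record["used"]:
            return None, "replay: token already redeemed"
        if not hmac.compare_digest(record["binding"], presented_binding_id):
            return None, "binding mismatch: token presented from a different client identity"
        record["used"] = True
        return record["subject"], "ok"


def demo() -> list[str]:
    store = BoundTokenStore(ttl_seconds=60)
    # Constructed stand-ins for two DER certificates: the legitimate client's and the attacker's.
    victim_binding = BoundTokenStore.binding_from_client_cert(b"constructed victim client cert")
    attacker_binding = BoundTokenStore.binding_from_client_cert(b"constructed attacker client cert")

    t0 = 1_700_000_000.0
    token = store.issue("alice@example.com", victim_binding, now=t0)
    outcomes = []
    # A captured token replayed over a connection that presents a different client certificate.
    outcomes.append(store.redeem(token, attacker_binding, now=t0 + 1)[1])
    # The legitimate client redeems it once.
    outcomes.append(store.redeem(token, victim_binding, now=t0 + 2)[1])
    # The same token presented again, even by the legitimate client, is refused.
    outcomes.append(store.redeem(token, victim_binding, now=t0 + 3)[1])
    # A token left unused past its lifetime is refused as expired.
    stale = store.issue("alice@example.com", victim_binding, now=t0)
    outcomes.append(store.redeem(stale, victim_binding, now=t0 + 61)[1])
    return outcomes


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The binding identity is the important design choice: a cookie or bearer token carries no proof of who presents it, whereas a client-certificate fingerprint (or a Token Binding ID) is something the TLS handshake establishes and a captured token cannot carry along. The single-use flag closes the remaining window in which the same client could be made to present the token twice.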

Recommended defenses

Recommended defenses include hardware-based MFA (FIDO2 with proper token binding), client certificates for sensitive services, behavioral analytics to detect anomalous session activity, browser security headers (CSP, X-Frame-Options), and email authentication (SPF, DKIM, DMARC) to prevent phishing delivery, according to AdminByRequest and Google Cloud Blog.

Organizational controls

Organizational controls include security awareness training emphasizing link verification, endpoint monitoring for VNC or RFB protocol activity, network segmentation to restrict access to attacker infrastructure, and multi-layer threat detection combining email, network, and endpoint signals.

FAQs

How is BitM different from traditional man-in-the-middle attacks?

BitM attacks specifically involve replacing the user's browser with a transparent proxy controlled by the attacker, showing legitimate websites while capturing all interactions. Traditional MITM attacks typically involve network-layer interception according to OWASP Foundation.

Can multi-factor authentication prevent BitM attacks?

Standard MFA (SMS, TOTP) cannot prevent BitM attacks because the attacker controls the browser and sees all authentication prompts in real-time. Hardware-based FIDO2/WebAuthn provides stronger protection, though 2025 research shows BitM+ variants can defeat even these defenses when combined with XSS vulnerabilities according to Springer Nature Link in 2025.

What makes BitM attacks hard to detect?

Users see the legitimate website interface they expect, with correct URLs and proper SSL certificates. There are no phishing indicators like misspelled domains or certificate warnings. The attacker's transparent browser replicates normal behavior according to AdminByRequest and OWASP Foundation.

How would an attacker deliver a BitM attack?

Attackers use sophisticated social engineering: sponsored search ads appearing in legitimate results, social media posts, text messages, or professional-looking phishing emails containing the malicious link according to Google Cloud Blog and Springer Nature Link in 2025.

Is Token Binding effective against BitM attacks?

Token Binding v1.0 provides mitigation by cryptographically binding tokens to the underlying TLS connection, though implementation requires both client and server support. It is particularly effective when combined with single-use token policies according to Silverfort Blog and Pen Test Partners.

What is Mandiant's Delusion tool?

Delusion is an internal BitM framework developed by Mandiant for security research and red-team operations. It supports storing and downloading Firefox browser profiles, making session stealing trivial with no cookie import required, and includes a monitor page where an operator can interact with a victim's session in real time. Mandiant has not released Delusion publicly due to concerns about potential weaponization (Google Cloud Blog, 2025).

How was BitM officially classified?

MITRE formally recognized the BitM attack technique in January 2023, cataloging it as CAPEC ID-701 in the Common Attack Pattern Enumeration and Classification framework. This standardized classification helps security practitioners identify, categorize, and develop defenses against BitM-style attacks (MITRE CAPEC, 2023).

© 2026 Kinds Security Inc. All rights reserved.