Simulating a valid verifier (including DNS manipulation) does not leak credentials to an attacker which can be used on subsequent authentication attempts. This feature does not cover man-in-the-middle-attacks which are executed in real-time, where the attackers opens simultaneous connections to the prover who is attacked and the verifier who is impersonated to forward input from the prover to the verifier.