Watering hole attack

This article is about the computer hacking technique. For other uses, see Watering hole (disambiguation).

Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization's users frequent and then uses one or more of the websites to distribute malware. Eventually, some member of the targeted users will become infected. Attackers looking for specific information may only target users coming from a specific IP address. This also makes the attacks harder to detect and research. The name is derived from a strategy of predators in the natural world, who wait for an opportunity to attack their prey near watering holes. The attack strategy was named in The RSA Blog in 2012.

One of the most significant dangers of watering hole attacks is that they are executed via legitimate websites that cannot be easily blacklisted. Also, the scripts and malware used in these attacks are often meticulously created, making it challenging for an antivirus software to identify them as threats.

This article is issued from Wikipedia. The text is available under Creative Commons Attribution-Share Alike 4.0 unless otherwise noted. Additional terms may apply for the media files.