How a watering hole attack work

Posted: November 13, 2013 in Analysis
Tags: ,

Watering Hole is a computer attack strategy identified in 2012 by the RSA security firm. The attacker wants to attack a particular group (organization, industry, or region). The attack consists of three phases:

  • Guess (or observe) which websites the group often uses.
  • Infect one or more of these websites with malware.
  • Eventually, some member of the targeted group will get infected.

Relying on websites the group trusts makes this strategy efficient even with groups that are resistant to spear phishing and other forms of phishing.

Ref :


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s