What Is a Watering Hole Attack?
3 years ago

Wired  

Most hacks start with a victim making some sort of mistake, whether that's entering a password on a convincing-looking phishing page or accidentally downloading a malicious attachment on a work computer. The most infamous watering hole attack in recent memory came to light in 2019, after targeting iPhone users within China's Uyghur Muslim community for two years. The internet security firm ESET says it detects multiple watering hole attacks per year, and Google's Threat Analysis Group similarly sees as many as one per month. “Instead of targeting activists with something they actually have to click, which might be hard because they’re very canny, you can go to somewhere they’re already going and skip immediately to the part where you’re actually exploiting people’s devices.” Earlier this month, for example, TAG published findings about a watering hole attack that compromised a number of media and pro-democracy political group websites to target visitors using Macs and iPhones in Hong Kong. Watering hole attacks always have two types of victims: the legitimate website or service that attackers compromise to embed their malicious infrastructure, and the users who are then compromised when they visit.
