drive by download

Why Watering Hole Attacks Work

Information security is littered with bad analogies. And none sounds sillier than a watering hole attack, which plays off the tactic that dominant animals use when stalking food by loitering at a watering hole. Rather than chase their prey, a lion will wait for prey to come to it. Hackers are doing the same thing to a great degree of success. Rather than using a spear phishing email campaign to lure prey to them, hackers are infecting vulnerable sites of a common interest to their targets, and then redirecting them to malware and more badness.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.