Watering Hole

This article is about computer hacking and cracking. For a place to obtain alcoholic potables, see pub. For other uses, see Waterhole (disambiguation).

Watering Hole is a computer attack strategy identified in 2012 by RSA Security, in which the victim is a particular group (organization, industry, or region). In this attack, the attacker guesses or observes which websites the group often uses and infects one or more of them with malware. Eventually, some member of the targeted group gets infected.[1]

Relying on websites that the group trusts makes this strategy efficient, even with groups that are resistant to spear phishing and other forms of phishing.

References

  1. Gragido, Will (20 July 2012). "Lions at the Watering Hole – The "VOHO" Affair". The RSA Blog. EMC Corporation.