Watering Hole

Watering Hole is the name of a computer attack strategy that was detected as early as 2009 and 2010. The victim is a particular, very targeted group, such as a company, organization, agency, industry, etc. The attacker spends time to gain strategic information about the target: observes which legitimate websites are more often visited by the members of the group. Then the attacker exploits a vulnerability and infects one of those trusted websites with malware, without the knowledge of the site’s owner. Eventually, someone from that organization will fall into the trap and get their computer infected. This way, the attacker gains access to the target’s entire network. These attacks work because of the constant vulnerabilities in website technologies, even with the most popular systems, such as WordPress, making it easier than ever to stealthily compromise websites.