Watering Hole Attack


In a watering hole attack, the attacker compromises a site likely to be visited by a particular target group, rather than attacking the target group directly.

 Source: NIST CNSSI 4009-2015

A security exploit where the attacker infects websites that are frequently visited by members of the group being attacked, with a goal of infecting a computer used by one of the targeted group when they visit the infected website.

 Source: NIST SP 800-150 under Watering Hole Attack

A watering hole attack is a type of cyber attack that targets a specific group of users by compromising websites or web applications they frequently visit. The attacker will inject malicious code into the website or web application and wait for unsuspecting users to visit the website and become infected with malware.