Watering Hole Attack

Definition

A watering hole attack is a targeted attack where cybercriminals infect websites frequently visited by intended victims, then wait for victims to visit the infected site.

Attackers compromise a legitimate website popular with the target (an industry website, supplier, or forum) and add malware to it. Advanced threat actors (APT groups) use this technique for targeted attacks.

Related terms

APT (Advanced Persistent Threat) Malware Zero-day
← Back to glossary