An early Pennsylvanian waterhole deposit and its fossil biota in a ...
Waterhole Attack
1
-
Upload
symantec -
Category
Technology
-
view
13.853 -
download
5
Transcript of Waterhole Attack
![Page 1: Waterhole Attack](https://reader033.fdocuments.in/reader033/viewer/2022042716/55a6232a1a28ab193c8b4578/html5/thumbnails/1.jpg)
Attacker profiles victims and the kind of websites they go to.
Attacker then tests these websites for vulnerabilities.
When the attacker finds a website that he can compromise he then injects the JavaScript or HTML redirecting the victim to a separate site hosting the exploit code for the chosen vulnerability.
The compromised website is now “waiting” to infect the profiled victim with a zero-day exploit, just like a lion waiting at a watering hole.
JavaScript/HTML
<body class="home">
id="header"
ad.js"></script>CSS/layout.css"
<script type="text”
WATERING HOLE ATTACKS1.1.
2.2.
3.3.
4.4.
Site hosting exploit code