In waterhole attacks, a website is poisoned that is frequented by you and/or your company with the express goal of compromising your environment. Either the hacker maliciously modifies the website code itself so that malware is sprung on the user or some desired object on the website is poisoned. For example, hackers may maliciously modify a trusted applet, and when downloaded by visitors, it opens a backdoor or installs other malware. Waterholes have already compromised high-profile companies, including Twitter, Microsoft, Facebook, and Apple. These sorts of attacks are a tailored to the victim, down to the computer platform. Assuming you’re safe because your computer platform isn’t attacked as commonly as others will just get you into a false sense of security.
Waterhole exploits can crop up on popular websites or even on poisoned Wi-Fi hotspots located near your company. What ca you do?
Begin by making your users — especially those with access to critical infrastructure and data — aware of waterhole attacks. They are the prime targets. Just as we had to make people aware that their favorite website might serve up fake antivirus software, so too must we now warn them about waterhole attacks.
Ongoing Information & Trends: A Weblog 
You must be logged in to post a comment.