What is an example of a watering hole attack?

A watering hole attack occurs when an adversary identifies a specific group of targets and compromises a website that the group frequently visits. The goal is to serve malware to those users once they access the compromised site, leading to a breach of their devices or networks. This method takes advantage of the trust and regularity with which the targets visit that particular site, effectively increasing the likelihood of a successful attack.

By targeting a commonly frequented site, the attacker does not need to directly approach each victim through personal means, such as phishing; instead, the attack is set up to lure victims to a malicious payload on a site they are already comfortable using. The method relies heavily on the predictability of user behavior and can be particularly effective if the site is one used for work-related activities, thereby bypassing conventional security measures due to the implicit trust in the site’s legitimacy.

The other options do not represent the characteristics of a watering hole attack. Phishing via email involves direct communication with a target, focusing on deceptive messages rather than a compromised site. A DDoS attack aims to overwhelm a website or service rather than infect users via a trusted location. Unauthorized access through stolen credentials centers around exploiting already compromised credentials rather than creating a scenario where the victim unwittingly