312-50V10 · Question #762
Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploi
The correct answer is D. Watering Hole Attack. A watering hole attack involves compromising trusted websites that target victims frequent, then injecting exploits - often zero-days - to silently infect visitors.
Question
Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well- known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits. What type of attack is outlined in the scenario?
Options
- AHeartbeat Attack
- BSpear Phishing Attack
- CShellshock Attack
- DWatering Hole Attack
How the community answered
(62 responses)- A3% (2)
- B2% (1)
- C2% (1)
- D94% (58)
Why each option
A watering hole attack involves compromising trusted websites that target victims frequent, then injecting exploits - often zero-days - to silently infect visitors.
A Heartbeat attack (associated with Heartbleed, CVE-2014-0160) exploits the TLS heartbeat extension to leak server memory - it is a protocol-level vulnerability exploit, not a site-compromise infection technique.
Spear phishing is a targeted email-based attack that lures specific individuals into interacting with malicious content; it does not involve compromising third-party websites to passively infect visitors.
Shellshock (CVE-2014-6271) is a specific bash shell vulnerability allowing remote code execution via crafted environment variables - it is a vulnerability class, not an attack pattern matching this scenario.
A watering hole attack is named after the predator tactic of waiting at a water source - attackers identify and compromise legitimate, trusted websites known to be visited by their intended targets. The attack often incorporates zero-day exploits to maximize effectiveness against unpatched systems, which directly matches the scenario described. This distinguishes it from direct-targeting techniques like phishing because the victim is infected passively by visiting a site they already trust.
Concept tested: Watering hole attack - website compromise for targeted infection
Source: https://attack.mitre.org/techniques/T1189/
Topics
Community Discussion
No community discussion yet for this question.