312-50V11 · Question #762
Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploi
The correct answer is D. Watering Hole Attack. A watering hole attack involves compromising websites that targeted victims are likely to visit, then using those sites to deliver exploits - often zero-days - to the intended targets.
Question
Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well- known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits. What type of attack is outlined in the scenario?
Options
- AHeartbeat Attack
- BSpear Phishing Attack
- CShellshock Attack
- DWatering Hole Attack
How the community answered
(34 responses)- B3% (1)
- C6% (2)
- D91% (31)
Why each option
A watering hole attack involves compromising websites that targeted victims are likely to visit, then using those sites to deliver exploits - often zero-days - to the intended targets.
A heartbeat attack refers to exploitation of the OpenSSL Heartbleed vulnerability (CVE-2014-0160), which allows reading of server memory - it is not a category of targeted website compromise.
Spear phishing is a targeted email-based social engineering attack directed at specific individuals, not a method involving compromising third-party websites.
Shellshock refers to a specific Bash shell vulnerability (CVE-2014-6271) that allows remote command execution via crafted environment variables, not a website-based targeting strategy.
A watering hole attack is defined by threat actors identifying and infecting trusted websites frequented by their intended victims rather than attacking victims directly. The scenario explicitly describes inserting exploits into well-known sites and leveraging zero-day vulnerabilities to minimize defenses. This indirect compromise strategy targeting a 'watering hole' that victims visit is the defining characteristic of this attack class.
Concept tested: Watering hole attack identification and characteristics
Source: https://attack.mitre.org/techniques/T1189/
Topics
Community Discussion
No community discussion yet for this question.