nerdexam
EC-Council

312-50V13 · Question #402

Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites a

The correct answer is D. Watering hole attack. Watering Hole Attack Explained Why D is Correct: Joel's technique perfectly matches a watering hole attack, where an attacker identifies websites frequently visited by a target group, compromises those sites with malicious code, and then passively waits for victims to visit the i

Submitted by mike_84· Mar 6, 2026Hacking Web Applications

Question

Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine. Joel waits for the victim to access the infected web application so as to compromise the victim's machine. Which of the following techniques is used by Joel in the above scenario?

Options

  • ADNS rebinding attack
  • BClickjacking attack
  • CMarioNet attack
  • DWatering hole attack

How the community answered

(33 responses)
  • A
    3% (1)
  • B
    3% (1)
  • D
    94% (31)

Explanation

Watering Hole Attack Explained

Why D is Correct: Joel's technique perfectly matches a watering hole attack, where an attacker identifies websites frequently visited by a target group, compromises those sites with malicious code, and then passively waits for victims to visit the infected site - much like a predator waiting at a watering hole for prey to come to them.

Why the Distractors Are Wrong:

  • A (DNS Rebinding): This exploits DNS resolution to bypass same-origin policies and gain access to internal networks - it doesn't involve injecting malicious scripts into third-party websites.
  • B (Clickjacking): This tricks users into clicking on hidden/disguised elements on a webpage, not about compromising external sites to deliver malware.
  • C (MarioNet): This is a browser-based botnet attack that exploits Service Workers to maintain control of a browser even after the user leaves a page - unrelated to targeting company employees through frequented websites.

Memory Tip: Think of the animal kingdom analogy - just as a lion waits at the watering hole knowing prey will eventually come to drink, a hacker compromises sites the victim must visit and simply waits. If the question mentions "waiting for victims" + "compromised third-party sites," it's almost always a watering hole attack.

Topics

#Watering Hole Attack#Malware Distribution#Web Application Exploitation#Targeted Attack

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice