Security News > 2020 > April > Holy Water watering hole attack targets visitors of certain websites with malware
In a report published Tuesday, Kaspersky detailed the behavior of several watering hole websites established through a malware campaign dubbed Holy Water.
To set up a watering hole attack, cybercriminals observe or ascertain which sites are visited by particular groups of people and then compromise those sites with malware.
After learning of the malware attack from Kaspersky, GitHub disabled the repository for the file, which at least stopped the infection aspect of the campaign.
Almost 10 websites have been compromised with at least dozens of implanted hosts, showing that the attackers have established a large but targeted type of watering hole campaign.
"A watering hole is an interesting strategy that delivers results using targeted attacks on specific groups of people," Ivan Kwiatkowski, Kaspersky senior security researcher, said in a press release.
News URL
Related news
- Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack (source)
- New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm (source)
- Chinese hackers use new data theft malware in govt attacks (source)
- NoName ransomware gang deploying RansomHub malware in recent attacks (source)
- Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack (source)
- CISA warns of Windows flaw used in infostealer malware attacks (source)
- Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users (source)
- Hackers deploy AI-written malware in targeted attacks (source)
- N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks (source)
- New RomCom malware variant 'SnipBot' spotted in data theft attacks (source)