Certified Ethical Hacker (CEH v11) — Question 371
Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine.
Joel waits for the victim to access the infected web application so as to compromise the victim's machine.
Which of the following techniques is used by Joel in the above scenario?
Answer options
- A. Watering hole attack
- B. DNS rebinding attack
- C. MarioNet attack
- D. Clickjacking attack
Correct answer: A
Explanation
The correct answer is A, Watering hole attack, as it involves compromising a website that is frequently visited by a specific group to infect users. The other options, like DNS rebinding and Clickjacking, refer to different attack techniques that do not align with the scenario described, which focuses on targeting users based on their browsing habits.