'Watering hole' attacks rise in prominence

F-Secure is branding the rise of "watering hole attacks" as the most notable information security occurrence of early 2013.

In its latest Threat Report (pdf), the Finnish security firm said that despite a slew of examples in February and March that targeted companies including Twitter, Facebook and Apple, "the general public appears to have learned few lessons regarding watering hole attacks as a result".

Watering hole attacks are seen as an alternative to spear phishing.

Attackers target websites where employees of the target company hang out and chat. By infecting these sites with malware, it is hoped that eventually an employee's machine will also become infected, providing a route in for the attacker.

The watering hole targeted by attackers earlier this year was an internet forum for iOS developers.

F-Secure said that criminals were "apparently more than willing to put in the man-hours" to exploit the watering hole in order to attack targets as valuable as Twitter, Facebook and Apple.

It indicated that it was continuing to monitor the incidence of such attacks.

There were few other surprises in the Threat Report. Exploit attacks against known vulnerabilities "are everywhere", according to F-Secure Labs chief research officer Mikko Hypponen, with "Java-based ones ... leading the pack".

Phishing continued to thrive, as did ransomware which F-Secure noted had been doing the rounds "in March and April of this year ... particularly targeting corporate clients in countries such as Spain and Italy".

Google's Android was also the most targeted mobile operating system, accounting for 96 percent of all new mobile malware families and variants seen by F-Secure in the first half of this calendar year.

Copyright © SC Magazine, Australia