An article in ZDNet has revealed that Oldsmar (Florida, US) treatment plant, which was in news due to a poisoning attempt through a cyber attack, was also at the receiving end of another cyber attack that happened before this.
The investigation mentioned in the article reveals that a browser used on the water plant’s network fell prey to a ‘watering hole attack’.
Cyber security researchers were able to discover that a malicious code was being hosted on the WordPress website of a water infrastructure company in Florida. The malicious actors exploited the vulnerabilities found in the WordPress plugins to insert the code. That has been recognized as Tofsee malware. This took place somewhere around December 2020.
Take a Moment to Stay Tuned Forever
Subscribe to get weekly cyber security updates!
The purpose of inserting this malicious code was to prompt the water treatment plant operators in Florida and other states to click it. The report mentioned in the article says that the website hosting the malicious code was visited by a computer in Oldsmar on 5th February, the day on which the poisoning event occurred.
The investigation has further revealed that it was not only Oldsmar water plant that got compromised by this watering hole attack. It was observed that around 1000 computers were a part of the group of victims.
What is a Watering Hole Attack?
Watering Hole Attack is a cyber attack strategy where the attacker targets the end user of a website by guessing which websites are visited by it the most. The cyber criminal inserts are malware into the website through a code and the organization (end user of the website) gets infected with it. However, the attack may result in more than one victim as there will be multiple users of the targeted website who will fall prey and end up getting infected with the inserted malware.
Turn Your Employees Into A Cyber Threat Shield
Make your employees proactive against prevailing cyber attacks with ThreatCop!