Method of infection: Water-holing
OSIRIS used a Social Engineering method called “water holing” to attack German IP addresses.
How does water holing attack work?
- The victim enters the infected website.
- The website checks if the target IP is German.
- If it’s a German IP – few evasion techniques are used to bypass EDR
- And then the virus connects to its command server through the Darknet
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW,
And see where your Company is Exposed to Hackers
Recently Posted on AUMINT.io Blog
🧠 You Can’t Protect What You Don’t See
Most orgs only monitor what they own.
But attackers look at everything – the exposed, abandoned, and overlooked.
Think:
• Orphaned SaaS apps
• Staff emails leaked on dark web
• Unclaimed DNS records
This isn’t hidden in the dark web. It’s often public – just not on your radar.
💡 AUMINT’s €1,500 Attack Surface Report maps your full digital exposure – before someone else does.
Secure your blind spots: https://calendly.com/aumint/aumint-intro
#CyberSecurity #AttackSurface #ITRisk #InfoSecEurope #DigitalExposure #CISO