How is malicious content typically placed on popular websites in watering hole attacks?

In watering hole attacks, malicious content is typically placed on popular websites by using rented advertising space. This method involves compromising ad networks that display ads on various websites, allowing attackers to run malicious ads that can lead users to malicious sites or deliver malware directly to their browsers.

By leveraging the trust users already have in popular websites and the ads that appear there, attackers can effectively create a pathway to compromise the systems of unsuspecting users. This strategy doesn't require directly altering the website's source code or exploiting server vulnerabilities, which could be more complex or labor-intensive. Additionally, while email phishing campaigns are a common method of delivering malware, they do not form part of the watering hole attack technique itself. Overall, the use of rented advertising space provides a means for attackers to reach a broad audience while remaining under the radar, making it a common tactic in these types of attacks.