What is Leapfrog Attack?
A leapfrog attack in the IT world is a situation in which hackers or others are given passwords or ID information in an initial attack to use in another, separate attack.
The use of the word 'leapfrog' is correct as hackers rely on the information they have received to master other attacks, usually at higher stakes or on more secure or complex systems.
There are many different types of leapfrog attacks that can give hackers information that they can use in future attacks. They can use strategies known as phishing to get the initial information, with a fake interface or other trick directing user information to them, or they can hack into a database or other technology within a network.
As a specific example of a 'buck frog attack', security company Symantec has revealed that hackers are using what they call the 'weakest link attack', which can also be referred to as a 'waterhole attack'. Fraudulent parties first compromise small business assets to attack larger companies. Experts explain that the smaller companies often have a lower level of security because they don't expect them to be as targeted as their larger customers. Hackers can obtain initial information from the small business in order to attack the larger business directly.