Leapfrog Attack

What Does Leapfrog Attack Mean?

A leapfrog attack in the IT world is a situation where hackers or others obtain passwords or ID information in an initial attack, in order to use it in another, separate attack.


Techopedia Explains Leapfrog Attack

The use of the word "leapfrog" is accurate because hackers build on the information that they have obtained to mount other attacks, usually with higher stakes, or on more secure or complex systems.

There are many different kinds of leapfrog attacks, in which hackers can get information to use in future attacks. They may use strategies known as phishing in order to get the initial information, where a false interface or other trick funnels user information to them, or they may hack into a database or other technology within a network.

As a concrete example of a leapfrog attack, security company Symantec has revealed that hackers are using something they call a "weakest link attack," which can also be called a "waterhole attack," where fraudulent parties are first compromising the assets of small businesses in order to attack larger businesses. Experts explain that the smaller businesses often have lower levels of security because they don’t expect to be targeted as much as their larger clients do. Hackers can get some initial information from the small business in order to attack the larger business directly.


Related Terms

Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.