If cyber spies are interested in a lot of people within a larger group, they can target a website that’s used by the group or company, Alperovitch said.
The hackers will look for a vulnerability on the website to get in, or access it through spear phishing.
“They will … implant a piece of code on that website so that anyone who comes on that website will be immediately infected,” he explained.
It’s a tactic that is growing in popularity and is a common way to target dissidents, he said. However, it can also affect company or government websites.