What is the MOST likely goal of an attacker installing malware on a popular website?

The most likely goal of an attacker installing malware on a popular website is to conduct a watering-hole attack. In this type of attack, the adversary compromises a website frequently visited by a specific group of users, thereby targeting those individuals indirectly. When users visit the infected site, they may unknowingly download the malicious software, which can facilitate a range of malicious activities, such as stealing personal information, spreading other malware, or breaching corporate networks.

By targeting the website that the intended victims already trust, the attacker increases the likelihood of successful exploitation. This approach is particularly effective because it takes advantage of users' established relationships with well-known websites, reducing the suspicion that might be aroused by direct phishing attempts. Watering-hole attacks are sophisticated strategies that aim to infect a high volume of potential targets collectively, differentiating them from more person-centered attacks like spear phishing, which focus on individual users.