Drive-by Attack :

A ‘drive-by-download’ attack is where an unsuspecting victim visits a website which in turn infects their device with malware. The website in question could be one that is directly controlled by the attacker, or one that has been compromised.

In some cases, the malware is served in content such as banners and advertisements. These days exploit kits are available which allow novice hackers to easily set up malicious websites or distribute malicious content through other means.

Drive-by downloads are a common method of spreading malware. Cybercriminals look for insecure web sites and plant a malicious script into HTTP or PHP code on one of the pages. This script may install malware directly onto the computer of someone who visits the site, or it may take the form of an IFRAME that redirects the victim to a site controlled by the cybercriminals. In many cases the script is obfuscated, to make it more difficult for security researchers to analyse the code. Such attacks are called ‘drive-by downloads’ because they require no action on the part of the victim — beyond simply visiting the compromised web site: they are infected automatically (and silently) if their computer is vulnerable in some way (e.g. if they have failed to apply a security update to one of their applications).

How Drive-by Attack Works :

How to avoid Drive-by Attack :

  • Update your software regularly.
  • Install necessary protective software.
  • Check your firewall often.
  • Don’t click on suspicious links, and don’t open attachments in e-mails from people you don’t know.
  • Thoroughly educate your employees. Make sure that they know that they shouldn’t visit shady sites, download suspicious files or click on dubious links.
  • Install software that blocks malicious websites to prevent your employees from infecting their devices and your network.
  • Use strong passwords and two-factor authentication, and change your passwords every 3 months.


