What is Drive-by Download?
By Nick Anderson 5 minutes
Malware, short for malicious software, is the biggest threat to cybersecurity, and it continues to find tricky new ways to bypass detection and infiltrate systems. For malware to successfully enter your system, the attacker must evade the various security checks on your device and trick you into downloading it, usually through email attachments or applications acting as Trojans.
While many of these tactics involve action by the user, like clicking on a download button, what if we told you malware can enter your system without your knowledge and consent?
Cybersecurity experts have coined the term “Drive-by Download” for this method because the malware downloads without you clicking on a download button. All the user has to do is visit a webpage, and the malicious code executes. Let us walk you through what a Drive-by Download is.
How Does Drive-By Download Work?
Software is a pyramid of code that serves as instructions not just for how an application behaves but also for how it stays secure. Developers need to ensure that the software does not leave cracks that a bad actor can use to gain unauthorized access to a user’s system or modify the software’s behavior. Despite long hours of beta testing to close the loopholes, software can still be vulnerable to clever hacking attempts; such is the nature of software.
You would imagine that web pages serving drive-by downloads would be associated with lesser-known, almost shady websites. But this can happen, and has happened, to known and popular websites with millions of visitors every month. The BBC and The New York Times are examples of sites that became the catapult for drive-by attacks.
Hackers monitor vulnerabilities in a website’s security, then inject malicious code.
Malvertisement is another method through which bad actors can infect your system. Ads are ubiquitous on the internet. From social media websites to news publications, nearly every website (except paid publications) relies on advertising for revenue to keep the website operational. An attacker would only need to show you a pop-up or an ad somewhere on the webpage.
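Both delivery paths above, code injected into a site and code arriving through an ad partner, show up as scripts or frames the page loads. The following added example (not part of the original article) shows how a site owner can list that active content and flag anything served from a host outside an allow-list or over plain HTTP; the sample HTML, the `.example` hostnames and the allow-list are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags whose URL attribute makes the browser fetch active third-party content.
ACTIVE_TAGS = {"script": "src", "iframe": "src", "embed": "src", "object": "data"}

class ActiveContentParser(HTMLParser):
    """Collects (tag, absolute URL) for each externally loaded active element."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url, self.found = page_url, []

    def handle_starttag(self, tag, attrs):
        value = dict(attrs).get(ACTIVE_TAGS.get(tag, ""))
        if value:
            # urljoin resolves relative and protocol-relative (//host/x) URLs.
            self.found.append((tag, urljoin(self.page_url, value.strip())))

def audit_page(page_url, html, allowed_hosts):
    """Return findings for active content from unlisted hosts or over plain HTTP."""
    parser = ActiveContentParser(page_url)
    parser.feed(html)
    own_host = urlsplit(page_url).hostname
    findings = []
    for tag, url in parser.found:
        parts = urlsplit(url)
        reasons = []
        if parts.hostname != own_host and parts.hostname not in allowed_hosts:
            reasons.append("origin not on allow-list")
        if parts.scheme == "http":
            reasons.append("loaded over plain HTTP")
        if reasons:
            findings.append({"tag": tag, "url": url, "reasons": reasons})
    return findings

# Constructed sample page; the .example hostnames are placeholders, not real sites.
SAMPLE_HTML = """
<script src="/static/app.js"></script>
<script src="https://ads.partner.example/tag.js"></script>
<script src="//cdn.unknown.example/x.js"></script>
<iframe src="http://ads.partner.example/banner.html"></iframe>
"""

if __name__ == "__main__":
    page, allowed = "https://news.example/story", {"ads.partner.example"}
    for f in audit_page(page, SAMPLE_HTML, allowed):
        print(f["tag"], f["url"], "; ".join(f["reasons"]))
```

Run against a saved copy of a page on a schedule, a new entry in the findings is a prompt to check whether the site or one of its ad partners started loading code nobody approved.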
What Happens After a Drive-by Download
Drive-by Downloads usually download an exploit kit. The exploit kit gets to work by analyzing your system to find vulnerabilities in your operating system and installed applications.
Malware’s job is to find a weakness in a user’s system to bypass security. One type of malware called Fileless Malware is especially dangerous because it runs in RAM (Random Access Memory) and does not leave a footprint in your storage that anti-virus programs can detect. Malware can be dangerous if you do not pay attention to the security of your device. Operating systems and applications routinely receive updates from developers. In a world swarming with digital threats, these updates are a much-needed way to patch the vulnerabilities that attacks like Drive-by Download seek to exploit.
Once the exploit has found a vulnerability, it will try to cause harm based on that vulnerability. It may even install a backdoor through which the attacker can send instructions, such as acting as an agent for installing more malware. Threats range from a Keylogger that records your keystrokes when you are logging into your bank account to Ransomware that encrypts your precious files and demands a hefty ransom for the decryption key.
Drive-by Downloads are inconspicuous, which means they have the potential to infect a large number of people. The infected systems can form what’s called a Botnet: a network of infected devices that connect to a command center, from where the attacker can feed instructions.
How You Can Prevent Drive-By Download
There are ways you can improve your chances against Drive-by Download.
Update Your Software
The number one approach to preventing malware infection is to keep software, like the operating system and the applications running on top of it, updated to the latest version. You may find updates annoying, but they are crucial for the security of your device. New vulnerabilities are found and then addressed through a patch in the latest software update. So, always keep automatic updates on to receive software updates as soon as they are rolled out.
Use an Ad-Blocker
The problem with ads is that not only are they intrusive to the web experience, but there’s no telling where an ad is coming from. Websites partner with third-party advertisement programs and integrate their code into their websites. These third-party programs push ads as they see fit, and some of those ads could be malicious. An Ad-blocker in your web browser will disable all ads on the webpage.
Browse Trusted Websites
Try sticking to known websites for your internet needs. Abandoned websites or websites without HTTPS encryption are more vulnerable to serving infected web pages. So, the next time your web browser tells you that a website is risky or insecure, listen to it.
Install an Anti-Virus
Anti-virus is the top way to secure your device. It is built to combat malicious objects. The best anti-virus programs are robust; they can scan your system, email attachments, and even URLs. An anti-virus is the defense that actively monitors questionable programs trying to execute. Find one that provides all-around protection, and keep it updated with the latest malware signatures.
Drive-by Download is proof of how important cybersecurity is. Without active defenses, your private data can be compromised. We always recommend using a VPN on public Wi-Fi, where security is generally weak and users are susceptible to attacks. A hacker on the network could redirect you to web pages containing the malicious code.