If not redirected, please click here https://www.thesecuritybuddy.com/malware-prevention/what-is-drive-by-download-and-how-to-prevent-it/
Previously, malware used to infect a
computer through installation of software initiated by the user. When
a user used to click on a link and accept installation of software,
software would start installation, and with that malware used to
download and infect the computer. But, now many attackers use a
concept called Drive-By Download to spread malware.
A Drive-By Download is a
technique through which a malware can start downloading simply
through visiting the attacker controlled website. When a user visits
a malicious website, download starts in background in the computer or
mobile devices. Mostly, this type of download exploits some security
flaw in the browser or other software commonly used.
How does Drive-By Download work ?
The initial code installed by Drive-By
Download is very small. The code often simply contacts with other
computers and instructs to download the rest of the malware.
Normally, the malicious website contains several malware exploiting
different security flaws. And when a user visits the website, at
least one of them gets downloaded taking advantage of some security
flaw.
Attackers normally send links of these
malicious websites through email or text messages and even through
attracting social media posts. The attackers sometimes post an
interesting article or cartoon in social media and when a user enjoys
the article, Drive-By Download starts in background.
Countermeasures of Drive-By Downloads
Security experts are constantly doing
research on this topic. Normally, security experts use some test
machine and visit websites that have previous records of spreading
malware. If on visiting the website, malware starts downloading on
the test machine, proper action is taken.
Though educating oneself is the best
policy. Do not click on suspicious looking links. If you are not very
sure about the authenticity of a website, it is better not to visit
it. And be careful about clicking on interesting looking suspicious
social media posts. They may do much harm than any benefit.
And it is always advisable to update
the software you are using with security patches. Mostly, attackers
take the advantage of security flaws in software to spread malware.
Preferable use a safe search tool that
will keep you updated about possible malicious websites. And use a
trusted antivirus software.
This article was to inform you about
another recent threat. Hope it solved its purpose.
No comments:
Post a Comment