Drive-By Download
An attack where malicious software is automatically downloaded onto a user's device without consent.
Understanding Drive-By Download Attacks
Unlike traditional malware downloads that require user action (e.g., clicking a malicious link), drive-by downloads occur silently in the background when a user visits an infected website. Attackers inject malicious scripts into legitimate or compromised web pages; these scripts automatically exploit vulnerabilities on the visitor's system.
How Drive-By Downloads Work
Compromised Website Loads Malicious Code – Attackers inject malicious JavaScript or exploit kits into a website.
User Visits the Infected Site – The malicious script automatically executes in the background.
Exploitation of Browser/Plugin Vulnerabilities – The script identifies security flaws and delivers malware payloads.
Malware Installation – The malware is downloaded and executed without user interaction.
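From the defender's side, the injection in the first step can be checked for by auditing what a page loads without user interaction. The Python code below is an added example, not part of the original page: it lists every script or iframe source whose origin is not on the site's expected allowlist. The allowlist, URLs and sample HTML are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumption: origins the site owner expects to load active content from.
ALLOWED_ORIGINS = {"https://shop.example", "https://cdn.shop.example"}

class ActiveContentAudit(HTMLParser):
    """Collects script/iframe sources that load without user interaction."""

    def __init__(self, page_url, allowed_origins):
        super().__init__()
        self.page_url = page_url
        self.allowed = allowed_origins
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        src = dict(attrs).get("src")
        if not src:
            return  # inline scripts need a separate review (e.g. hash comparison)
        # Resolve relative and protocol-relative URLs against the page URL.
        parts = urlsplit(urljoin(self.page_url, src))
        origin = f"{parts.scheme}://{parts.netloc}".lower()
        if origin not in self.allowed:
            line, _ = self.getpos()
            self.findings.append((line, tag, origin))

def audit_page(page_url, html, allowed_origins=ALLOWED_ORIGINS):
    """Return (line, tag, origin) for each source outside the allowlist."""
    parser = ActiveContentAudit(page_url, allowed_origins)
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page: the last two tags stand in for injected content.
SAMPLE_HTML = """<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.shop.example/lib.js"></script>
<script src="//stats.injected.example/c.js"></script>
</head><body>
<iframe src="http://gate.injected.example/landing" width="0" height="0"></iframe>
</body></html>"""

if __name__ == "__main__":
    for line, tag, origin in audit_page("https://shop.example/", SAMPLE_HTML):
        print(f"line {line}: <{tag}> loads from unlisted origin {origin}")
```

Running the audit against a known-good copy of each page and alerting on any new finding turns it into a simple tamper check.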
Common Applications of Drive-By Download Attacks
Ransomware Deployment – Encrypts user files and demands payment.
Spyware & Keyloggers – Monitors keystrokes and steals credentials.
Botnet Recruitment – Turns the victim's device into a bot for DDoS attacks.
Ad Fraud & Cryptojacking – Uses system resources to mine cryptocurrency or generate fraudulent ad revenue.