Sunday, May 6, 2012 0 comments
There are many posts in my blog when I have posted some malware which use Drive by Download method to infect various system on the internet. But the method Drive by Download seems confusing for many people. This is a requested post which i am writing for those who have sent me mail regarding this post.
Drive by Download is a method which some malware use to infect and spread. This is not a malware type. On internet we visit many websites daily but some website. But some websites trick users to download malicious software which claims to be something else. Sometimes website uses pop-ups to spread this type of infection. Suppose pop-up has a simple message and two buttons saying yes and no. Clicking on any of 2 buttons start downloading some kind of code into your system. These infected pages use some kind of iFrame code to bypass antivirus detection.
Drive-by downloads continue to be a major security issue online. Most of the malwares and spyware use this trick to spread and infecting computers on the internet. Now Google is also taking this issue seriously and warns users if they try to visit any this kind of website from Google.
According to security company Sophos, more than 10,000 infected pages come out daily which spreads different kind of malware with this method.
Many of these infections are connected to botnets, in which each PC is turned into a zombie that may then be directed to further malicious activity, like spam or DDoS attacks.
Drive by install is a similar kind of attack in which website trick users to install some kind of tools into the system. You have seen some tool bars which appears in your browser which you never installed. These are the perfect example of Drive by download. These tool bars are some kind of adwares which changes your homepage and continue opening pop-ups in your computer.
How to avoid drive-by downloads
To minimize the risk of drive-by downloads, you should keep your web browser and your internet security software updated at all times. Also install all Windows patches as soon as they are released and don’t click on links in unsolicited or otherwise dubious e-mails.