
What Is a Drive-by Download Attack?

A drive-by download attack involves the unintentional download of malicious files, code, or software onto your device. This can include spyware, Trojans, ransomware, and other malware. The download is often hidden from the victim, who will be unaware of what is happening until it is too late.

This type of attack is most commonly carried out when the victim visits a compromised website. The victim does not need to click on anything for the attack to commence; simply visiting the compromised website is enough for their device to become infected.

In other circumstances, drive-by downloads can be executed by pop-up ads, malicious email attachments and malicious links. The close button on a pop-up ad can act as the trigger for these attacks: when the victim attempts to close the ad, they inadvertently begin the malicious download. With malicious email attachments and links, a single click on the link or attachment will commence the download.

How Are These Attacks Executed?

Usually, these websites start out as legitimate, non-malicious websites, until the cybercriminal comes along. The criminal will target frequently visited websites to increase the number of victims. Once they have identified a weakness to exploit, they will gain access to the website and infect it, setting the stage for the attack.

Once an unsuspecting victim visits the website or clicks on an ad, a very small amount of malicious code will be downloaded onto their device. Often the website will contain several different types of malicious code, in the hope that one of them will match a weakness on the victim's device that can be exploited. The code's purpose is to contact other computers the criminal controls and download the rest of the malicious code.

Once this has been done, the device is now compromised.
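
The two-stage pattern described above (a page visit, then a payload fetched from another computer) can be looked for in web proxy logs. The following is an added example, not part of the original article; the log format, host names, content-type list and 30-second window are assumptions made for illustration.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed proxy log lines (not real traffic): time, client, URL, referer, content type
SAMPLE_LOG = """\
2024-05-01T09:00:00 10.0.0.5 http://news.example/index.html - text/html
2024-05-01T09:00:01 10.0.0.5 http://cdn.example/lib.js http://news.example/index.html application/javascript
2024-05-01T09:00:03 10.0.0.5 http://stage2.example/u.bin http://cdn.example/lib.js application/octet-stream
2024-05-01T09:05:00 10.0.0.7 http://vendor.example/downloads.html - text/html
2024-05-01T09:09:30 10.0.0.7 http://vendor.example/setup.exe http://vendor.example/downloads.html application/x-msdownload
"""

# Assumed list of content types that indicate a binary payload
PAYLOAD_TYPES = {"application/octet-stream", "application/x-msdownload", "application/x-dosexec"}
WINDOW = timedelta(seconds=30)  # assumed threshold: payload arrives soon after the page load


def parse(line):
    """Split one log line (assumed five whitespace-separated fields) into a record."""
    ts, client, url, referer, ctype = line.split()
    return {"ts": datetime.fromisoformat(ts), "client": client, "url": url,
            "host": urlsplit(url).hostname, "referer": referer, "ctype": ctype}


def find_drive_by_candidates(log_text, window=WINDOW):
    """Return (client, page_url, payload_url) where a binary payload is fetched
    from a different host shortly after a page load by the same client."""
    last_page = {}  # client -> most recent text/html record
    hits = []
    for rec in map(parse, filter(None, log_text.splitlines())):
        if rec["ctype"] == "text/html":
            last_page[rec["client"]] = rec
            continue
        page = last_page.get(rec["client"])
        if (page and rec["ctype"] in PAYLOAD_TYPES
                and rec["host"] != page["host"]
                and rec["ts"] - page["ts"] <= window):
            hits.append((rec["client"], page["url"], rec["url"]))
    return hits


if __name__ == "__main__":
    for client, page, payload in find_drive_by_candidates(SAMPLE_LOG):
        print(f"{client}: {payload} fetched after visiting {page}")
```

The second client in the sample is not flagged, because its download comes from the same site it was browsing and arrives minutes after the page load, which is what a deliberate download looks like.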

How to Prevent a Drive-by Download Attack?

The following steps will assist you with protecting yourself and your devices from threats such as drive-by downloads.

  • Keep operating systems and browsers up to date (UNE devices are managed and updated by the TDS department).
  • Only download software from legitimate sources.
  • Beware of popups.
  • Remove any unwanted programs and apps.
  • Beware of suspicious websites and links.
  • Consider an ad-blocker.
  • Install antivirus software (UNE devices come with an active antivirus).


If you have any questions or concerns, please feel free to contact our IT Support team on +61 (2) 6773 5000 or at servicedesk@une.edu.au.

Thank you for your support in helping us maintain the cyber security integrity of UNE.
