Cyber Threats: Drive-by Download Attacks


Drive-by Download Attacks are triggered simply by a victim clicking a link which, without their knowledge, installs malicious software on their computer or other device. The malware most frequently used in Drive-by Download Attacks is called a Trojan.

Trojans get their name from their deceitful nature, so the victim often has no idea their site is distributing malware. Once installed, Trojans can do numerous things: infect a web browser with a banking Trojan, install a backdoor that gives the hacker access, trigger a buffer-overflow attack, and carry out other actions.

Due to the increasing wit and agility of hackers, there are a few different ways a cybercriminal performs the initial Drive-by Download Attack. The three most common are Cross-Site Scripting Attacks, Non-persistent Threat Attacks and Persistent Threat Attacks.

To learn about phishing attacks, read this post from our Cyber Threats series!

Case Study: The Mac Flashback Attack

In 2012, over 60,000 Mac computers were compromised by a Flashback Trojan. This is a form of malware designed to gather sensitive information via a victim’s web browser and applications. In this attack, malware writers wrote a fake toolkit for WordPress which, when downloaded, installed the malware. Once the malware was installed, the hackers created a backdoor which allowed them to infect users’ blogs. They also used fake Adobe Flash players to lure victims into unwittingly installing malware.

Once a downloader was installed, a number of hacking methods were used. Hackers used malware which created backdoors, replaced web ads with ads controlled by malware writers and, ultimately, placed permanent malware on a victim’s server in order to gather sensitive information over time. The three main types of attacks used are Cross Site Scripting Attacks, Non Persistent Attacks and Persistent Attacks.

Defenses against Drive-by Download Attacks

There are a few ways to defend against Drive-by Download Attacks. One easy way is to keep your software up to date. This helps prevent drive-by downloads, which are often delivered through outdated plug-ins and browsers. Install, and keep updated, antivirus software as well as web-filtering software. Disable JavaScript within PDF documents and uninstall Java from any system control. Unsigned applets can run arbitrary Java code with unrestricted access. Finally, don’t give users admin access to their computers. With all of this and the usual precautions (such as awareness training and a working reporting system), drive-by download attacks will be few and far between.

Learn how to detect and mitigate cyber threats with our Cyber Threat Detection and Mitigation Certification Training Course!


CyberTraining 365 is an online academy that offers nearly 1,000 hours of relevant and cutting-edge cyber security training. Our training provides the most in-demand industry certification prep courses, including EC-Council, CompTIA, (ISC)2 and Cisco, all taught by leading cyber security experts. All of our offerings are aligned with the national initiative for cyber security education (NICE) and ensure the most up-to-date information for this constantly shifting field. With engaging content in a scenario-based format, CyberTraining 365 uses a bite-sized micro-learning methodology that ensures learners are not overwhelmed with information. The On Demand LMS platform has white-label capabilities ideal for internal training purposes.
