Cyber Threats: Drive-by Download Attacks
Drive-by Download Attacks are triggered simply by a victim clicking a link which, unbeknownst to them, injects malicious software onto their computer or other device. The type of malware most frequently used in Drive-by Download Attacks is the Trojan.
Trojans get their name from their deceitful nature, so the victim often has no idea their site is distributing malware. Once installed, Trojans can do numerous things: they can infect a web browser with a banking Trojan, install a backdoor to give the hacker access, trigger a buffer-overflow attack, and perform other actions.
Due to the increasing wit and agility of hackers, there are a few different ways a cybercriminal can perform the initial Drive-by Download Attack. The three most common are Cross-Site Scripting Attacks, Non-persistent Threat Attacks and Persistent Threat Attacks.
Case Study: The Mac Flashback Attack
In 2012, over 60,000 Mac computers were compromised by a Flashback Trojan, a form of malware designed to gather vulnerable information via a victim’s web browser and applications. In this attack, malware writers wrote a fake toolkit for WordPress which, when downloaded, installed the malware. Once the malware was installed, the hackers created a backdoor which allowed them to infect users’ blogs. They also used fake Adobe Flash players to lure victims into unwittingly installing malware.
Once a downloader was installed, a number of hacking methods were used. Hackers used malware which created backdoors, replaced web ads with ads controlled by malware writers, and, ultimately, displayed permanent malware on a victim’s server in order to gather sensitive information over time. The three main types of attacks used are Cross-Site Scripting Attacks, Non-persistent Attacks and Persistent Attacks.
Defenses against Drive-by Download Attacks