Drive-by Download

A drive-by download is an unintentional software download onto a user’s device. The user does not have to actively participate or click a download link to enable an infection; it is enough to “drive by” a compromised website. A drive-by download infection leverages security flaws in web browsers or apps to slip malicious code past system defenses and trigger background downloads while a user is trying to download legitimate software or is just browsing a website. In a drive-by download attack, perpetrators push “exploits” (tools that leverage system vulnerabilities to propagate malware) onto the user’s device, leaving it open to cyberattacks.

The best defense against drive-by download attacks is to exercise caution by avoiding malicious and dangerous websites, including file-sharing sites and websites with pirated or adult content. Browsers and operating systems must be kept up to date with the latest security patches. Browsing should be limited to well-established, mainstream websites. It is best to use well-known and safe search engines when looking for specific content, as these search engines warn users when they are being directed to unsafe websites. Users should download apps and software from known vendors only, as programs and apps from unverified sources make the system more susceptible to infections.

AttackSolutions uses only reputable third-party security software, such as Comodo Internet Security and Site Inspector, to prevent malicious websites from forcing malware onto vulnerable user systems. Our security researchers maintain a database of suspicious and malicious web addresses by continually searching the Internet for drive-by download code. We use web crawlers that wander the web and visit different websites to test whether their web pages initiate unauthorized downloads onto our test systems. Once dangerous websites are identified, they are added to our database, and users are issued a warning when they attempt to access such websites.
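The crawl-and-warn workflow described above can be sketched as follows. This is an added example, not AttackSolutions' code: the crawl record format, the heuristic lists, the function names and the `.example` hosts are all assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed heuristics: MIME types and magic bytes that indicate an executable.
EXEC_TYPES = {"application/x-msdownload", "application/x-dosexec",
              "application/vnd.microsoft.portable-executable"}
EXEC_MAGIC = (b"MZ", b"\x7fELF")  # Windows PE and Linux ELF file headers

# Constructed crawl records: responses seen while a page loaded with no clicks.
CRAWL_LOG = [
    {"page": "https://news.example/story", "responses": [
        {"headers": {"Content-Type": "text/html; charset=utf-8"},
         "body_prefix": b"<!doctype html>"}]},
    {"page": "https://free-codecs.example/watch", "responses": [
        {"headers": {"Content-Type": "text/html"}, "body_prefix": b"<html>"},
        # Executable served under a generic type; only the magic bytes give it away.
        {"headers": {"Content-Type": "application/octet-stream"},
         "body_prefix": b"MZ\x90\x00"}]},
]

def is_unsolicited_download(resp):
    """True if a response received without user interaction looks like a download."""
    headers = {k.lower(): v for k, v in resp["headers"].items()}
    ctype = headers.get("content-type", "").split(";")[0].strip().lower()
    disposition = headers.get("content-disposition", "").strip().lower()
    return (disposition.startswith("attachment")
            or ctype in EXEC_TYPES
            or resp.get("body_prefix", b"").startswith(EXEC_MAGIC))

def build_blocklist(crawl_log):
    """Hosts whose pages triggered a download while the crawler only browsed."""
    return {urlsplit(v["page"]).hostname for v in crawl_log
            if any(is_unsolicited_download(r) for r in v["responses"])}

def check_url(url, blocklist):
    """Return 'warn' if the URL's host or any parent domain is listed."""
    labels = (urlsplit(url).hostname or "").split(".")
    hit = any(".".join(labels[i:]) in blocklist for i in range(len(labels)))
    return "warn" if hit else "allow"

if __name__ == "__main__":
    blocklist = build_blocklist(CRAWL_LOG)
    for url in ("https://cdn.free-codecs.example/player", "https://news.example/"):
        print(url, check_url(url, blocklist))
```

Checking the first bytes of the body matters because a declared `Content-Type` is controlled by the server and cannot be trusted on its own.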


