What is a “Drive-By” Download?

Apr 16, 2013 10:20

Robert Siciliano


Gone are the days when you had to click to “accept” a download or install a software update in order to become infected. Now, just opening a compromised web page could allow dangerous code to install on your device.

You just need to visit or “drive by” a web page, without stopping to click or accept any software, and the malicious code can download in the background to your device. A drive-by download refers to the unintentional download of a virus or malicious software (malware) onto your computer or mobile device.

A drive-by download will usually take advantage of (or “exploit”) a browser, app, or operating system that is out of date and has a security flaw. The initial code that is downloaded is often very small (so you probably wouldn’t notice it), since its job is often simply to contact another computer from which it can pull down the rest of the code onto your smartphone, tablet, or computer. Often, a web page will contain several different types of malicious code, in hopes that one of them will match a weakness on your computer.

These downloads may be placed on otherwise innocent and normal-looking websites. You might receive a link in an email, text message, or social media post that tells you to look at something interesting on a site. When you open the page, while you are enjoying the article or cartoon, the download is installing on your computer.

Security researchers detect drive-by downloads by keeping track of web addresses that they know have a history of malicious or suspicious behavior, and by using crawlers to wander the Web and visit different pages. If a web page initiates a download on a test computer, the site is given a risky reputation. Links in spam messages and other communications can also be used as source lists for these tests.
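The crawler check described above, as an added sketch that is not code from the article or from any vendor: it reads what a test browser fetched while loading a page with no clicks and gives the site a risky reputation if any response was a download. The record fields, the helper `make_resp`, and the three download signals are assumptions made for this example.

```python
from urllib.parse import urlsplit

# Leading bytes of Windows PE, ELF and 64-bit Mach-O executables.
EXEC_MAGIC = (b"MZ", b"\x7fELF", b"\xcf\xfa\xed\xfe")
EXEC_TYPES = {"application/x-msdownload",
              "application/vnd.android.package-archive"}

def download_reason(resp):
    """Return why a response counts as a download, or None if it does not."""
    if resp["body_start"].startswith(EXEC_MAGIC):
        return "executable content"  # catches binaries served as images
    if resp["disposition"].lower().startswith("attachment"):
        return "attachment header"
    if resp["ctype"].split(";")[0].strip().lower() in EXEC_TYPES:
        return "executable content type"
    return None

def score_sites(visits):
    """Map each visited host to (verdict, [(response URL, reason), ...])."""
    reputation = {}
    for visit in visits:
        host = urlsplit(visit["page"]).hostname
        hits = [(r["url"], why) for r in visit["responses"]
                if (why := download_reason(r))]
        if hits:
            # Sticky verdict: a later clean visit does not clear the history.
            reputation[host] = ("risky", hits)
        else:
            reputation.setdefault(host, ("no download seen", []))
    return reputation

def make_resp(url, ctype, body_start, disposition=""):
    """Build one constructed response record (hypothetical format)."""
    return {"url": url, "ctype": ctype, "body_start": body_start,
            "disposition": disposition}

# Constructed sample: what a test browser fetched with no clicks at all.
VISITS = [
    {"page": "http://comics.example/strip", "responses": [
        make_resp("http://comics.example/strip", "text/html", b"<!DOCTYPE"),
        make_resp("http://files.example/a.gif", "image/gif", b"MZ\x90\x00")]},
    {"page": "http://blog.example/post", "responses": [
        make_resp("http://blog.example/post", "text/html; charset=utf-8", b"<html>")]},
    {"page": "http://comics.example/about", "responses": [
        make_resp("http://comics.example/about", "text/html", b"<!DOCTYPE")]},
]

if __name__ == "__main__":
    for host, (verdict, hits) in score_sites(VISITS).items():
        print(host, verdict, hits)
```

The reputation is attached to the page that was visited, not to the host that served the file, because the visited page is the one that initiated the download.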

The best advice I can share about avoiding drive-by downloads is to avoid visiting websites that could be considered dangerous or malicious. This includes adult content and file-sharing websites. Some other tips to stay protected include:

  • Keep your Internet browser and operating system up to date
  • Use a safe search tool that warns you when you navigate to a malicious site
  • Use comprehensive security software on all your devices, like McAfee All Access, and keep it up to date

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! (Disclosures)