Threat of the month: Drive-by download
The pervasiveness of drive-by downloads has made it our threat of the month for May.
What is it?
A silent malware download that takes place in the background, without the user's knowledge. The download is executed by exploiting a vulnerability in the browser or browser plug-in.
How does it work?
The attacker plants hidden malicious content called ‘exploit' on a webpage. It could be a malicious website created and hosted by the attacker, or a legitimate website that the attacker has compromised. When users access the webpage, the exploit takes advantage of a vulnerability in the browser, or browser plug-in, to change the behavior of the browser and enable the silent malware download.
Should I be worried?
Yes. Drive-by downloads are stealthy in nature and very difficult to prevent. Most browsers are not properly patched, or have unknown zero-day vulnerabilities for which a patch doesn't exist, thus are vulnerable to these attacks.
How can I prevent it?
Apply browser security patches on a regular basis. Consider solutions that are specifically designed to prevent exploitation of unpatched and zero-day vulnerabilities.