What is a drive-by download?

   A drive-by download is a program that is automatically installed on your computer by merely visiting a booby-trapped

   website or viewing a HTML e-mail message. The malicious code is downloaded to your computer without your

   consent or even your knowledge, without you having to explicitly click on a link on the page or in the e-mail.

Greetings... you've been infected

Drive-by downloads are typically deployed by exploiting browser vulnerabilities or lowered security settings on your computer.

A study released by Google in May 2007 warned of "very high levels" of malware being hosted on Web sites. In a year-long scan of over 4.5 million sites the Google team found code on 450,000 pages that could inject malware onto users' PCs via improperly patched browsers.

According to Google, hackers use scripting languages to determine which vulnerabilities are present on your computer and use the information to request appropriate exploits from a central server.

"Even a single visit to an infected Web site enables the attacker to detect vulnerabilities in the user's applications and force the download a multitude of malware binaries," the report said.

This situation is a direct result of Web 2.0, Google found. The typical Web portal now uses many complex applications on top of the simple Web browser, making the Web 2.0 a fertile breeding ground for malware. Links, blog postings, shared applications and syndicated traffic are all backdoor opportunities for unknown exploits to invade legitimate sites.

Unfortunately, it is an outdated notion that URLs containing malicious software reside only in the darker corners of the Internet. According to research from July 2007, the vast majority of infected Web pages – around 80 percent – were legitimate sites injected with malicious code exploiting vulnerabilities in the Web server.

A well-known example was the official Web site of Dolphin Stadium, home of 2007's Super Bowl XLI, being hacked prior to the massively exposed American football game and seeded with exploit code targeting two known Windows security flaws.

To minimize the risk of drive-by downloads it is important that you keep your browser and your security software updated at all times. Also install all Windows patches immediately and avoid clicking on links in unsolicited or otherwise dubious e-mails.

BullGuard Internet Security    • The most comprehenshive anti-phishing tool on the market    • Full integration with the most popular email applications    • Free 24/7 Support      Try BullGuard Internet Security    Buy BullGuard Internet Security