Drive-by downloads: Can you get malware just from visiting a website?
<blockquote data-quote="struppigel" data-source="post: 937289" data-attributes="member: 86910"><p>Hi. @shmu26 and I had a misunderstanding, which we resolved via PM. One lesson for me is that we do need to get our terminology clear before discussing. So let me do this first to avoid further misunderstandings.</p><p>Drive-by download means: The download is executed on its own. The downloaded file not necessarily.</p><p>When @shmu26 referred to "drive-by downloads that ran without user intervention" he meant the <strong>downloaded file</strong> is executed without user intervention whereas for me it meant the <strong>download is executed</strong> (happens) without user intervention.</p><p></p><p>A drive-by download that also executes the downloaded file on its own is more rare, yes, because the attack surface is lower. Most have some portion of social engineering to make the latter happen.</p><p></p><p>One word of caution, though: I have no hard data on this; this is only based on what I have seen during my work. There are recent campaigns, e.g., <a href="https://www.reddit.com/r/antivirus/comments/kynb18/hello_was_wondering_if_this_opera_update_is_a/" target="_blank">the malware in this one from 2 months ago</a>, which will automatically check whether the browser can be exploited to also execute the downloaded file. So depending on the vulnerabilities of the affected system, the very same malware site will either require you to click or execute the downloaded file on its own.</p><p></p><p>Whether you call that rare depends on how you count it.</p><p>Are they actively used? Yes.</p><p>Does it affect updated systems and browsers? Hardly.</p><p>Are outdated systems common? Unfortunately more than we'd like.</p></blockquote><p></p>