A drive-by download attack is where a user navigates their web browser to a website that has malicious code hidden on the website. This hidden code makes the web browser download viruses and other malware automatically. The user doesn’t know it has happened until there are signs on the computer of malware. That is if the virus gives any signs that it’s there, the attack could have gone completely unnoticed and could never be discovered.
Drive-by downloads happen in the first place because a hacker creates the code which they either upload to their own dodgy site or break into a well-known site and put the code there ready for unsuspecting victims.
- Drive-by-download attack exploits critical vulnerability in Windows Media Player (infoworld.com)
- Antivirus (google): Drive-by-download Attack Exploits Critical Vulnerability in Windows Media Player – PCWorld (pcworld.com)
- [Misc] Drive By Plugin Download? (edugeek.net)
- Harmful websites aimed at kids are spreading (msnbc.msn.com)
- Patch Tuesday heads-up: 21 vulnerabilities, including ‘critical’ IE bulletin (zdnet.com)
- Browsing only safe Internet web pages (lakkireddymadhu.wordpress.com)
- Firefox (google): If You’re Part of the IE6 One Percent, You’re Doing It Wrong – PCWorld (pcworld.com)