There’s no denying the convenience of online shopping. In 2021 alone, 2.14 billion consumers shopped online to find the best prices and have packages delivered right to their door. The online shopping experience will continue to flourish this holiday season, and around the world, countless people will shop online without thinking twice about the websites they’re spending time on.
But doing so can be costly as cyber criminals are becoming deceptively more creative with ways to manipulate and capture website visitors. There are likely to be more inconspicuously dangerous sites during the holidays, and legitimate websites can also fall victim to cyberattacks. If you happen to visit a website that’s been compromised, your computer can quickly be infected by cyber criminals implementing a popular drive-by download attack.
Drive-by downloads are one of the most common methods used by cyber criminals to install malware and gain unauthorized access to your device, so knowing how they work and what steps you can take to avoid them is essential. Here, we’ll look at what a drive-by download is, types of attacks, and how to stay protected this holiday season.
When a computer becomes infected with malicious software just by visiting a website, it’s known as a drive-by download. The user doesn’t have to stop or click anywhere on the page, so simply visiting the page is enough to cause an infection. Most types of drive-by downloads take advantage of vulnerabilities in web browsers, operating systems, or file editors and viewers like Microsoft Office and Adobe Flash.
When a user visits the infected webpage, the malicious elements are triggered and exploit a vulnerability in part of the software stack on the user’s computer. Malicious files are then downloaded silently onto the user's device, giving the hacker complete control over the device. Hackers then have the ability to extract passwords or other potential sensitive information from the device.
Hackers can use a variety of malicious applications to hack a victim’s device, including:
The growing complexity of internet browsers are contributing to the increase in drive-by download attacks, as the number of plug-ins, add-ons, and browser versions continually rises. This means there are more weaknesses for cybercriminals to exploit—especially during the holiday season, when more retailers are creating new websites, offering online deals, and putting additional time and effort into building their online presence.
In most attacks, the hacker's objective is to compromise the victim’s machine and enlist it into a botnet. Through the initial security breach, hackers can leverage control of the device for lateral movement. Some common methods used by cybercriminals to deploy a drive-by download include 1) installing keyloggers to capture and record the victim’s keystrokes and 2) using ransomware to encrypt data on the infected device and demand payment for recovery.
These cyber criminals also search through the victim’s data, applications, and configuration files for IDs, passwords, account information, and other sensitive data. The malware can often find login credentials and other sensitive information stored in configuration files for browsers or other applications, so the hacker can use them for nefarious purposes such as conducting unauthorized transactions without the victim’s knowledge.
Drive-by downloads are a major concern, especially during the holiday season when shoppers are spending more time browsing the web searching for great deals. Here are a few steps users can take to protect themselves from these types of attacks:
Now that you know how cyber criminals use drive-by-downloads to install malware and gain unauthorized access to your device, learn more about protecting your web assets and defending against cyber criminals. Read What is Ransomware to discover how hackers hold sites hostage—and four steps you can take to ensure yours isn’t one.