Drive by Downloads

January 19, 2010 by admin

One of the fastest growing problems on the Internet is the drive-by download. Just as the name suggests, this is a stealthy, sneaky technique for downloading and installing malware programs on your computer. The real danger is that you could become a victim of these downloads through some legitimate sites as well as through the malware sites themselves.

How do they work?
The concept is the first thing to understand. When you surf to one of the sites where drive-by downloads originate, in most cases you will not even be aware of the downloads taking place. Take, for instance, the code of the webpage that you have accessed. This code is usually written in HTML, and most Internet users never get to see it. Embedded in this code is a redirection to another site, but the redirection is coded in such a way as to keep your browser on a specific page (advertisements, for example) while all the downloads are happening on your machine from a site that your browser is not even showing. The user will be none the wiser.
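For a site owner who wants to check their own pages for the kind of invisible off-site embed described above, here is an added example (not part of the original post). The post does not name the HTML mechanism, so the checks used here (zero-size or hidden frames, and meta refresh to another host) are assumptions, and the sample page and host names are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Heuristics are assumptions chosen for this example, not a complete rule set.
HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)
TINY = {"0", "1", "0px", "1px"}

class HiddenEmbedScanner(HTMLParser):
    """Collects elements that pull in off-site content the visitor cannot see."""
    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []

    def _offsite(self, url):
        # Relative URLs have no hostname and therefore stay on the page's own host.
        host = urlparse(url).hostname
        return host is not None and host.lower() != self.page_host

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag in ("iframe", "frame", "embed", "object"):
            src = a.get("src") or a.get("data", "")
            hidden = (a.get("width", "").strip() in TINY
                      or a.get("height", "").strip() in TINY
                      or HIDDEN_STYLE.search(a.get("style", "")))
            if hidden and self._offsite(src):
                self.findings.append(("hidden-" + tag, src))
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            m = re.search(r"url\s*=\s*['\"]?([^'\";\s]+)", a.get("content", ""), re.I)
            if m and self._offsite(m.group(1)):
                self.findings.append(("meta-refresh", m.group(1)))

def scan(html, page_host):
    """Return (kind, url) pairs for every suspicious element in the markup."""
    s = HiddenEmbedScanner(page_host)
    s.feed(html)
    s.close()
    return s.findings

# Constructed sample page; all hosts use the reserved .example TLD.
SAMPLE = """<html><body>
<iframe src="http://ads.partner.example/banner" width="468" height="60"></iframe>
<iframe src="http://cdn.unknown.example/x" width="0" height="0"></iframe>
<iframe src="/local/widget" style="display:none"></iframe>
<iframe src="http://stats.other.example/p" style="visibility: hidden"></iframe>
</body></html>"""

if __name__ == "__main__":
    print(scan(SAMPLE, "news.example"))
```

A visible third-party banner and a hidden same-site widget are not flagged; only frames that are both invisible and served from another host are reported, and each still needs manual review.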

What is actually happening?
Usually the first thing that happens is that a downloader program is downloaded and installed on your machine. This could look something like loader.exe. The program then runs and gets your machine to access multiple sites, which in turn exploit your PC to trigger more downloads. The drive-by download is well and truly underway. Your PC now has multiple applications installed without your consent, and this can all happen in an instant while you still think you’re on a legitimate site.

Signs of infection
Signs can include your desktop wallpaper changing to something like “Spyware Infection”, your browser connecting only to a specific site, or your task bar showing some sort of spyware warning that looks as if it comes from your operating system. One of the main goals of the infection is to get you to pay to get rid of the infection that the same people put there in the first place.

How to defend yourself?
Always keep your operating system and your web browser up to date with the latest patches, and have a reasonably up-to-date antivirus program installed and running on your system. You can set your web browser to different security settings; it’s best to use the highest setting as well as disabling active scripting. If this blocks a few favorite websites, you can add these sites to your browser’s whitelist of sites. You can also use a firewall to block specific file types from downloading.
