drive-by download


Also found in: Dictionary, Thesaurus, Wikipedia.
Related to drive-by download: Rootkit

drive-by download

A program that is automatically installed in a computer by merely visiting a website without explicitly clicking on a link. Typically installing spyware that reports information back to the vendor, drive-by downloads are deployed by exploiting flaws in the browser and operating system code. The best deterrent is to routinely install security updates to the software in the device. See drive-by install and spyware.
References in periodicals archive ?
Now hackers are infecting computers via drive-by downloads, which don't require a user even to click a link or download an email attachment to let a bug in.
KIRDA (2009b): "Mitigating Drive-by Download Attacks: Challenges and Open Problems", unpublished manuscript.
McAfee today released the results of its Mobile Security: McAfee Consumer Trends Report, documenting sophisticated and complex risky apps containing multi-faceted scams, black market crimes, drive-by downloads and near-field communication threats.
Drive-by downloads victimize users by quietly scraping their machine for any usable personal information, leading to financial fraud and any number of other possibilities.
And, the new software, BLADE-short for Block All Drive-By Download Exploits-is browser-independent and designed to eliminate all drive-by malware installation threats.
EoACA[pounds sterling]Exploiting thisEoACAolikely through a drive-by download attackEoACAowould give an attacker near system-level privileges.
If anything, there are probably more "lures" of all types being generated, but with the destination being an exploit site with a drive-by download that infects users directly with malware, rather than a phishing site that attempts to steal credentials via social engineering.
The style of attack is known as a drive-by download and is common on the desktop: When someone visits a hacked website, malware can transparently infect the computer if it doesn't have up-to-date patches.
A drive-by download usually involves a chain of events; the victim visits a website which in this case is carrying a malvertisements, the malvertisements will contain either JavaScript which will be automatically executed by the browser.
Enterprise users at risk for this drive-by download have either the Windows 2000 or XP operating system, or Windows server 2003.
Nine Ball works as users visit one of the infected Web sites and are sent through a chain of redirections to sites owned by the attacker, before landing on the final drive-by download site.