Drive-by download

From Wikipedia, the free encyclopedia

The expression drive-by download is used in three increasingly strict meanings:

  1. Any download that happens without knowledge of the user.
  2. Download of spyware, a computer virus or any kind of malware that happens without knowledge of the user. Drive-by downloads may happen by visiting a website, viewing an e-mail message or by clicking on a deceptive popup window: the user clicks on the window in the mistaken belief that, for instance, it is an error report from his own PC or that it is an innocuous advertisement popup; in such cases, the "supplier" may claim that the user "consented" to the download though he was completely unaware of having initiated a malicious software download.
  3. Download of malware through exploitation of a web browser, e-mail client or operating system bug, without any user intervention whatsoever. Websites that exploit the Windows Metafile vulnerability may provide examples of "drive-by downloads" of this sort.

The expression drive-by install (or installation) is completely analogous and refers to installation rather than download (though sometimes the two are used interchangeably).

In April 2007 researchers at Google discovered hundreds of thousands of web pages performing drive-by downloads.[1][2]

[edit] References

  1. ^ Niels Provos; Dean McNamee; Panayiotis Mavrommatis; Ke Wang; Nagendra Modadugu (2007-04-10). "The ghost in the browser: analysis of web-based malware". HotBots'07, Cambridge, MA: USENIX. Retrieved on 2007-05-11. 
  2. ^ "Google searches web's dark side", BBC News, 2007-05-11. 
Malware logo    This malware-related article is a stub. You can help Wikipedia by expanding it.
Languages