Peaches
Posted November 13, 2010

Drive-By Downloads: Malware's Most Popular Distribution Method

After years of burying malicious software in email and portable storage media, attackers now favor quick downloads via legitimate websites, researcher says

Nov 12, 2010 | 09:54 AM
By Tim Wilson
DarkReading

A drive-by download typically begins by injecting a Web page with malicious code, often through JavaScript, Daswani explained. The code generally invokes a client-side vulnerability to deliver shell code, such as the JavaScript-based Heap Spray attack, to take control of the user's machine.

From there, the attacker can send a "downloader," which is often custom, zero-day code that isn't recognized by traditional antivirus systems. Once the downloader is in place, the attacker can deliver his malware of choice, Daswani said.

Drive-by downloads are particularly effective for delivering code that can steal end user credentials (such as Zeus), launch a fake antivirus scam (such as Koobface), steal server-side administrative credentials (such as Gumblar), steal corporate secrets (such as Project Aurora), or collect fraudulent click revenue (such as clickbot.A), he noted.

http://www.darkreadi...cleID=228200810