The IT Law Wiki

Drive-by download

32,296pages on
this wiki
Add New Page
Talk0 Share

Definitions Edit

A drive-by download is:

A drive-by download

[o]ccurs when a user visits a malicious website or a legitimate website that has been compromised, involving malicious software designed to automatically run on the user's computer typically without requiring any additional user interaction.[1]

Overview Edit

A drive-by download may happen when a user visits a website, views an e-mail message or clicks on a deceptive pop-up window: the user clicks on the window in the mistaken belief that, for instance, it is an error report from his own computer or that it is an innocuous pop-up advertisement; in such a case, the "supplier" may claim that the user "consented" to the download, although the user was completely unaware of having initiated a malicious software download.

"The drive-by download attacks are almost exclusively launched through compromised legitimate websites which are used by attackers to host malicious links and actual malicious code."[2]

References Edit

  1. ACSC 2015 Threat Report, Glossary, at 26.
  2. ENISA Threat Landscape 2012: Responding to the Evolving Threat Environment, at 13.

See also Edit

This page uses Creative Commons Licensed content from Wikipedia (view authors). Smallwikipedialogo.png

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Also on Fandom

Random Wiki