Drive-by attacks are a kind of cyberattack in which malicious software and files are secretly downloaded onto the victim’s system, even if the only action the user took was to visit the URL. The victim unwittingly sets off the attack by simply visiting any one of these malicious websites or clicking on infected files and links.
Oftentimes, drive-by attacks are helped along by vulnerabilities in the security systems or system software. The malware from drive-by attacks gets to work stealing data, and modifying system settings all without the user’s knowledge.
Cybercriminals often use drive-by attacks to spread their malicious software to unsuspecting targets with poor cybersecurity measures in place. Since this type of attack requires little from the user, they possess a high-efficiency rate.
History of drive-by attacks
- (2010-2013): In these two years, one of the most infamous and utilized tools for drive-by attacks was the ”Blackhole” Exploit Kit. It was capable of exploiting flaws in systems, browsers and software and was used to deliver malware payload.
- (2014-2016): The following two years saw the reign of the “Nuclear” Exploit Kit, which was featured in a lot of drive-by attacks. It was sold on the dark web and was capable of successfully attacking software, including Microsoft Silverlight, Oracle Java, and Adobe Flash.
- (2020): Humanity battled two widespread infections this year, COVID-19 and The EKANS Ransomware Attack. This kind of ransomware attack was designed to focus on industrial control systems (ICS). Their targets were Enel and Honda, whose files were encrypted until a ransom was paid.
How to stop drive-by attacks
- Frequently update the software and operating systems of your devices.
- Set up a security measure that consists of reliable anti-malware software and a firewall.
- Be cautious when surfing the internet, and avoid opening any suspicious files and links.
- Install a reliable virtual private network (VPN) to encrypt your connection when you access public Wi-Fi networks.
