The "drive-by download" attack
So what happens when a user visits a compromised site?
Once the user is redirected to the intended malicious web page, the infection process kicks in as further scripts exploit client-side vulnerabilities. The stages of the attack include:
- Entry Point: Simply visiting a website running malicious code.
- Distribution: You’re redirected to another site, which is controlled by hackers
- Exploit: An exploit kit hosted by the site probes your operating system, web browser, and software to find vulnerabilities
- Infection: The exploit kit downloads its payload, or malware that installs itself on your computer
- Execution: The malware starts doing what it was built to do, from accessing email accounts to holding your files hostage.
These so called "drive-by downloads" have consistently created a number of security challenges for organizations and end users alike.