ty
[Silverlight] Drive by Download (DBD)
#133
Posted 20 December 2017 - 07:07 AM
#136
Posted 13 July 2019 - 02:07 AM
Drive-by download means two things, each concerning the unintended download of computer software from the Internet:
Downloads which a person authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet).
Any download that happens without a person's knowledge, often a computer virus, spyware, malware, or crimeware.[1]
Drive-by downloads may happen when visiting a website, viewing an e-mail message or by clicking on a deceptive pop-up window:[2] by clicking on the window in the mistaken belief that, for instance, an error report from the computer' operating system itself is being acknowledged, or that an innocuous advertisement pop-up is being dismissed. In such cases, the "supplier" may claim that the user "consented" to the download, although actually the user was unaware of having started an unwanted or malicious software download. Websites that exploit the Windows Metafile vulnerability (eliminated by a Windows update of 5 January 2006) may provide examples of drive-by downloads of this sort.
Hackers use different techniques to obfuscate the malicious code, so that antivirus software is unable to recognize it. The code is executed in hidden iframes, and can go undetected.[3]
A drive-by install (or installation) is a similar event. It refers to installation rather than download (though sometimes the two terms are used interchangeably).
Drive-by download means two things, each concerning the unintended download of computer software from the Internet:
Downloads which a person authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet).
Any download that happens without a person's knowledge, often a computer virus, spyware, malware, or crimeware.[1]
Drive-by downloads may happen when visiting a website, viewing an e-mail message or by clicking on a deceptive pop-up window:[2] by clicking on the window in the mistaken belief that, for instance, an error report from the computer' operating system itself is being acknowledged, or that an innocuous advertisement pop-up is being dismissed. In such cases, the "supplier" may claim that the user "consented" to the download, although actually the user was unaware of having started an unwanted or malicious software download. Websites that exploit the Windows Metafile vulnerability (eliminated by a Windows update of 5 January 2006) may provide examples of drive-by downloads of this sort.
Hackers use different techniques to obfuscate the malicious code, so that antivirus software is unable to recognize it. The code is executed in hidden iframes, and can go undetected.[3]
A drive-by install (or installation) is a similar event. It refers to installation rather than download (though sometimes the two terms are used interchangeably).
#137
Posted 09 August 2019 - 06:53 PM
#138
Posted 05 September 2019 - 01:23 PM
#140
Posted 20 September 2019 - 10:16 PM
Users browsing this thread: