Why You Should Keep the Software on Your Computer Updated
A drive-by download attack is a popular tactic in which hackers take advantage of software that has not been kept up to date.
There is a strong reason why tech experts continuously emphasize keeping all the software on your system up to date: drive-by download attacks. In simple terms, a drive-by download is an unintended download of computer software from the Internet. Such downloads can happen when visiting a website, viewing an e-mail message, or clicking on a pop-up window.
Techniques used by hackers to dupe you
Hackers can gain access to a legitimate website and turn it into a drive-by download site by posting exploit code that targets specific vulnerabilities in web browsers and browser add-ons.
The other technique hackers use to intrude into your system is to post malicious code to a poorly secured Web form, like a comment field on a blog.
According to Microsoft Blog, “Users with vulnerable computers can be secretly infected with malware simply by visiting such a website, even without attempting to download anything themselves.”
Why know all about browser add-ons?
Some browser add-ons are preinstalled by the computer manufacturer before the computer is even sold. As users, we may not be aware of such add-ons or installations, and thus may not know that updates for them are available or how to obtain them. This may make our system more vulnerable to attacks. Similarly, owners of compromised systems may not know that their systems are being used to attack other Internet users.
What will happen to a PC hit by drive-by download attack?
An article published on Security News Daily highlights the repercussions of a drive-by download attack.
“Once installed, malware delivered by a drive-by download can do a number of different things: log keystrokes, scan the system for files of a personal nature, herd the system into a botnet of similarly compromised machines, infect the Web browser with a banking Trojan that hijacks online-banking sessions, and install a "backdoor" that will let in even more malware.”
Although modern web browsers alert users to a compromised website or malicious code, they are unable to catch hidden links and show the infected or compromised sites those links lead to.
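As an added illustration (not part of the original article or of any source it quotes), a site owner can scan a page's HTML for the hidden, off-site content that code injected through a comment field or a compromised page tends to leave behind. The `scan_page` helper, the host names and the sample page are assumptions constructed for this example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline styles that hide an element or shrink it to 0-1 pixels.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?<![\w-])(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)", re.I)

class HiddenLoaderFinder(HTMLParser):
    """Flag hidden off-site iframes/links and scripts from untrusted hosts."""
    def __init__(self, site_host, trusted_hosts=()):
        super().__init__()
        self.own = {site_host.lower(), *(h.lower() for h in trusted_hosts)}
        self.findings = []  # (line, tag, host, reason)

    def _offsite_host(self, url):
        host = (urlparse(url or "").hostname or "").lower()
        if not host or any(host == h or host.endswith("." + h) for h in self.own):
            return None  # relative URL, same site, or trusted host
        return host

    def handle_starttag(self, tag, attrs):
        if tag not in ("iframe", "script", "a"):
            return
        a = {k: (v or "") for k, v in attrs}
        host = self._offsite_host(a.get("href") if tag == "a" else a.get("src"))
        if host is None:
            return
        hidden = bool("hidden" in a or HIDDEN_STYLE.search(a.get("style", ""))
                      or a.get("width") in ("0", "1") or a.get("height") in ("0", "1"))
        if tag != "script" and not hidden:
            return  # a visible off-site link or frame is normal
        reason = "untrusted script" if tag == "script" else "hidden"
        self.findings.append((self.getpos()[0], tag, host, reason))

def scan_page(html, site_host, trusted_hosts=()):
    finder = HiddenLoaderFinder(site_host, trusted_hosts)
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page for a site at blog.example (not from the article).
SAMPLE = """<script src="https://cdn.example/jquery.js"></script>
<iframe src="/widgets/poll.html" width="0" height="0"></iframe>
<div class="comment">Nice post! <a href="https://news.example/story">Related</a>
<iframe src="http://files.invalid/l.php" width="1" height="1"></iframe>
<a href="http://files.invalid/update" style="display:none">x</a>
<script src="//stats.invalid/c.js"></script></div>"""
```

Calling `scan_page(SAMPLE, "blog.example", trusted_hosts=("cdn.example",))` returns one finding per suspicious tag, each with the line number to review in the page source.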
Any real world example of drive-by download attack?
The Security News Daily article beautifully summed up the real incident of the Mac Flashback outbreak (a drive-by download attack) in March 2012:
The Mac Flashback outbreak, which infected an estimated 600,000 Macs in March 2012, showed how successful drive-by downloads can be.
In that case, malware writers first created a fake "toolkit" for WordPress-based blogs, which tens of thousands of WordPress users installed, creating a "backdoor" that let the malware writers infect their blog pages.
Browsers visiting those pages were redirected to malware sites, which tried to install a "downloader," the first part of the Flashback Trojan. If direct installation failed, another piece of malware asked the user for permission to install (fake) Apple software, which was in fact the downloader.
Once installed, the downloader would install more malware. One piece was a backdoor; another hijacked Web browsers to replace Web ads with ads controlled by the malware writers.
The Flashback outbreak was contained by Apple security updates in early April 2012, but in retrospect the owners of those 600,000 infected Macs were lucky. The backdoor did not install any more malware, which could have stolen the users' identities, emptied their bank accounts or used the infected machines to pump out spam and sleazy Web ads.
What can I do to protect my system from drive-by download attack?
We can take the following precautions to protect against drive-by download attacks:
1. Keep all software up-to-date with the latest service packs and security updates
Make it a practice to regularly update all the software on your system, whether you use it or not. This includes the operating system(s), web browsers, productivity suites, all applications, and software that might have been pre-installed by manufacturers.
2. Remove clutter and keep system clean
Uninstall all unused and unnecessary software and add-ons. This will make it easier to manage the software that matters. Disable any software that cannot be uninstalled.
3. Old is not gold in terms of system security
Try to use the most recent versions of operating systems, browsers, etc. According to data, hackers are more comfortable exploiting older versions of operating systems and browsers than the latest ones.
4. Caution is the best protection
Be cautious while surfing, especially on social media sites. Do not click on any link without checking its validity. Similarly, be careful and selective about the e-mails you open and the instant messages you interact with.
5. Use anti-malware software and browser filtering tools
Purchase good anti-malware software from a trusted vendor. You can also use the filtering options available in various browsers, such as the SmartScreen Filter and ActiveX Filtering available in Microsoft Internet Explorer.
Word of advice for other platforms
Owners of iPhone, iPad, and iPod Touch should avoid jailbreaking their devices and should install Apple system updates.
Android owners should first check the Google Mobile Blog before installing a system update. It is also advisable to have mobile security software on your Android phone.