
Drive-By Download

I recently learnt about a cyber-attack that is different to your usual run-of-the-mill "click on the link and infect your device" routine.

This attack doesn’t rely on you to do anything to actively enable it.

I know, right? You were just starting to get the hang of not clicking on anything suspicious and doing all you can to keep up with your best practices, and now hackers have created malware code that can be deployed without you being able to detect or stop it.

It is called a “drive-by” because the malware can be downloaded simply by visiting a compromised site. You don’t need to physically do anything: just by opening the page or app and closing it, the malware will be deployed onto your device.

This code is spread through security flaws in web browsers, apps or operating systems, which means that if you access it on your computer or your mobile device, both will be compromised. Hackers use something called an exploit kit, which contains software that is designed to run on web servers and locate software vulnerabilities on these different platforms to see which will be the best target.

It may seem like a harmless attack, but what makes it so dangerous is that it sits on normal websites, apps and operating systems that have been corrupted by the malware because their security is not up to standard.

It is hidden in app upgrades, e-mails, SMSes and social media posts, which makes it very easy for the attackers to lure you onto the platform that will download the malware and infect your device, because it will all seem legitimate and uncompromised. It doesn’t need to be fake or dodgy looking.

Once infected, the attacker has access to your entire device. They can record your keystrokes when you are logging into your other accounts.

Data theft and ransomware are common attacks to follow once the hacker has access to your device.

It may sound like there is no way to protect yourself against this type of cyber-attack, but there is. Make sure you are keeping up with all your updates, for your browser and for your devices. This will ensure the latest software is active and will add an extra layer to detect any suspicious activity.

As mentioned in past blogs, you can’t rely only on anti-virus and updates; you need to have a firewall and set up other precautions like email security, endpoint protection and DNS protection.

Having a partner like J2 Software for your home and work environment will help ensure you are protected. It is no longer obvious attacks you need to look out for.

You must remember that any device connected to the internet can and will be compromised if you do not have security measures in place.

By keeping up to date with the new types of attacks you can adapt your environment accordingly.

Let’s get real

Olivia-Hannah Coetzee
