Drive-by infection is the term given to a computer malware infection caught simply by visiting a website. Often the websites affected have already been compromised for the purposes of spreading malware. Reputable, frequently visited websites can also be affected. The infection occurs mostly by trying out exploits for security vulnerabilities not yet patched by the visitor.
It is becoming increasingly apparent that attackers are moving away from vectors of attack (e-mails with attachments or links) to drive-by infections. It would appear that the classic ways of spreading malware are no longer working so well, now that users are reacting more sensitively: they no longer click on every link contained in an e-mail or open every strange-looking attachment.
Effects and risks
- Distribution of Malware
- Data destruction on the Computer
- Abuse of an infected computer for spamming
- Theft of personal data and files
- E-banking fraud