Drive-by attacks (Drive-by downloads)
In a drive-by, an attacker adds “poisoned” code (red box in the drawing) that infects the homepage of a web site.[1]
When you visit an infected site, you don’t notice anything unusual, but your browser may download and install this software. The poisoned software may enlist your computer in a botnet, or it might track everything you type, reading your log-in names and passwords and compromising your logins or bank accounts.[2]
You may not be aware your computer has been infected, and thousands of computers can be infected in the course of a day.
[1] This is accomplished “silently” without the knowledge of the webmaster. Usually the poisoned code is JavaScript or a reference to a file on another server that contains the software.
[2] The attacker may not care about free speech—this may be entirely about economics and the value of having compromised computers that now can send out spam messages all day long. Or it could be about gaining access to your bank accounts.
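Because footnote [1] says the injected code is usually JavaScript or a reference to a file on another server, a webmaster can check a page for both: the sketch below is an added example, not part of the original page. It flags `script`, `iframe`, `embed` and `object` tags that load from hosts outside an allow-list, and inline scripts whose hash is not in a known-good baseline; the host names, the allow-list and the baseline are constructed assumptions.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tags that make the browser fetch and run or render content from another URL.
WATCHED_TAGS = {"script", "iframe", "embed", "object"}

def inline_hash(code):
    """SHA-256 of an inline script body, used as its baseline fingerprint."""
    return hashlib.sha256(code.strip().encode("utf-8")).hexdigest()

class PageAuditor(HTMLParser):
    def __init__(self, trusted_hosts, known_inline_hashes):
        super().__init__()
        self.trusted = {h.lower() for h in trusted_hosts}
        self.known = set(known_inline_hashes)
        self.findings = []      # (line number, description)
        self._inline = None     # (line, chunks) while inside an inline <script>

    def handle_starttag(self, tag, attrs):
        if tag not in WATCHED_TAGS:
            return
        a = dict(attrs)
        ref = a.get("src") or a.get("data")   # <object> uses data=
        line = self.getpos()[0]
        if ref:
            # Relative URLs have no host; //host/path and http://host/path do.
            host = (urlparse(ref).hostname or "").lower()
            if host and host not in self.trusted:
                self.findings.append((line, f"{tag} loads from unlisted host {host}"))
        elif tag == "script":
            self._inline = (line, [])

    def handle_data(self, data):
        if self._inline is not None:
            self._inline[1].append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._inline is not None:
            (line, parts), self._inline = self._inline, None
            if inline_hash("".join(parts)) not in self.known:
                self.findings.append((line, "inline script not in baseline"))

def audit_page(html, trusted_hosts, known_inline_hashes):
    auditor = PageAuditor(trusted_hosts, known_inline_hashes)
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample page and baseline (hypothetical hosts).
TRUSTED = {"www.example.com", "cdn.example.org"}
KNOWN = {inline_hash("var menu = 1;")}
SAMPLE = ('<script src="/js/site.js"></script>\n<script>var menu = 1;</script>\n'
          '<script src="//cdn.example.org/lib.js"></script>\n'
          '<iframe src="http://unlisted.example.net/f"></iframe>\n'
          '<script>document.title = "x";</script>')
```

Running `audit_page(SAMPLE, TRUSTED, KNOWN)` on a schedule against the live homepage gives the webmaster a signal when the page changes without their knowledge.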