I've seen many people saying how some sites can infect your computer without actually clicking anything. They said that it was a "Flash Drive By" and it would use flash to download a file of any kind. Does that really exist or could it be something else?
Asked
Active
Viewed 1,182 times
2 Answers
10
It's not called Flash Drive By, but Drive-By Download, and yes, it's basically downloading malware just by visiting an infected website. Usually drive-by downloads work by exploiting a browser vulnerability (or a vulnerability in plugin like Flash or Adobe Reader), which leads to remote code execution triggering the download of malware.
Unfortunately drive-by downloads are getting more and more popular, especially that many legitimate websites get infected by adding a malicious Javascript code to their pages. That in turn usually happens with SQL injection and/or XSS. So, basically, a web application vulnerability in a legitimate website may lead to system-level exploitation of clients that visit it.
You can learn more about Drive-By-Downloads, the mechanism of infections, the statistics etc. in the following OWASP presentation.
Krzysztof Kotowicz
- 4,068
- 20
- 30
2
Yes, it exists. There have been a lot of vulnerabilities in Flash that allow code execution if the user views a flash file (which most browsers will do automatically, if you have the plugin installed).
Dentrasi
- 121
- 2