Imagine this… You’re perusing the ancient and colorful Grand Bazaar in Istanbul, feeling overwhelmed by all the interesting sights, sounds, and smells. An excited and charismatic shop owner waves you over to his wares, enticing you to contemplate the colorful baubles he has on display. As you’re thus distracted, a quiet, inconspicuous character jostles you lightly from behind, whispering an apology as she hurries past. You walk away from the ordinary encounter perfectly unaware that she also planted a powerful bug on your person, and can now track your every move, and monitor whatever you do, potentially using this newfound power to swipe the confidential documents you have holed up in your hotel safe.
You’re probably thinking, the description above sounds a lot like the fantastical tales you’ve read about in pulpy spy novels. Yet, it is surprisingly close to what the average user risks every day while browsing web sites online—the risk of the drive-by download.
Right now drive-by downloads are one of the most common ways cyber attackers lure victims into unknowingly infecting themselves with malware. Today, smart attackers combine drive-by download attacks with something called a “watering hole” attack, where they exploit web application flaws to hijack legitimate web sites and force them into serving malware to their visitors. Yesterday, Help Net Security posted an article I wrote describing how drive-by downloads and watering holes work, and how to defend yourself against them. If you’d like to learn more about either of these common cyber attacks, check out Defending Against Drive-by Downloads on Help Net Security. — Corey Nachreiner, CISSP (@SecAdept)