Skip main navigation

Drive-By-Downloading

Article detailing the basics of a malware infection via a compromised website also referred to as a Drive-by-Downloading.
© PA Knowledge Ltd | 7Safe Training

Drive-by-Downloading

An infection or attempted infection by drive-by -downloading is when a web resource such as a website has been compromised and contains exploits or pointers to download malware.

When the webpage is accessed and the page renders in your browser, in the background an exploit is loaded or a redirection to another resource will occur resulting in the downloading of malware onto your computer. The redirection methods used are typically the insertion of an iFrame (inline frame) or JavaScript tag in the webpage. A snippet of a webpage containing an iFrame is detailed below:

Web page snippet depicting HTML iframe tag.

As can be seen, the text is clearly visible and in a human readable format however, such tags could also be encoded for obfuscation purposes. Any such encoding would first need to be identified before decoding to reveal the URL.

Additional informaiton…

The boffins at GCHQ have made available an online (or downloadable) tool called CyberChef. The tools capabilities range from the decoding encoding schemes, converting dates and times to different time zones to the disassembly of shell code and conducting entropy tests. CyberChef is as it claims to be, a “Cyber Swiss Army Knife” and is a really cool tool to have in your arsenal of software investigation tools. To use or download CyberChef click here.

CyberChef logo.

© PA Knowledge Ltd | 7Safe Training
This article is from the free online

Introduction to Digital Forensics: Malware Analysis and Investigations

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education