Computer Security Wiki
Smallwikipedialogo.png Most of this page uses content from Wikipedia. The original article was at Drive-by download.
The list of authors can be seen in the page history. As with Computer Security Wiki, the text of Wikipedia is available under the GNU Free Documentation License.
Remove this template when most of the Wikipedia content has been removed or the Wikipedia information is outnumbered by non-Wikipedia information.

The expression drive-by download is used in four increasingly strict meanings:

  1. Downloads which the user indirectly authorized but without understanding the consequences. (Eg. by enabling an Active X component.)
  2. Any download that happens without knowledge of the user.
  3. Download of spyware, a computer virus or any kind of malware that happens without knowledge of the user. Drive-by downloads may happen by visiting a website, viewing an e-mail message or by clicking on a deceptive popup window: the user clicks on the window in the mistaken belief that, for instance, it is an error report from his own PC or that it is an innocuous advertisement popup; in such cases, the "supplier" may claim that the user "consented" to the download though s/he was completely unaware of having initiated a malicious software download.
  4. Download of malware through exploitation of a web browser, e-mail client or operating system bug, without any user intervention whatsoever. Websites that exploit the Windows Metafile vulnerability may provide examples of "drive-by downloads" of this sort.

The expression drive-by install (or installation) is completely analogous and refers to installation rather than download (though sometimes the two are used interchangeably).

In April 2007 researchers at Google discovered hundreds of thousands of web pages performing drive-by downloads.[1][2]


External links[]