Drive-by downloads proving popular amongst hackers

08 Oct 15

Hackers are finding ways around users’ avoidance of clicking attachments in emails, as drive-by downloads become the preferred way of accessing personal data.

That’s according to F-Secure, which says users have to be aware of how these attacks occur and take adequate cyber security measures to protect themselves.

Drive-by downloads are where users unintentionally download viruses or malware. The attacks involve email spam with weblinks that take the recipient to malicious websites.

Jonathan Banks, operator account director, ANZ, F-Secure, says that while people are now more cautious of downloading attachments from emails, online crooks have adapted and found a way to avoid user precautions and install their malware for them.

“People need to stay ahead of the hackers’ game and implement security technologies to keep them safe online,” Banks says.

Banks says there are four things to remember when it comes to drive-by downloads.

It’s time people understand the risks

Rogue software can be installed on devices simply by clicking on an email, a website, or a pop-up window, Banks says. These attacks work by fooling people into thinking the links are legitimate.

“Even though these attacks have been around for years, people still don’t understand what drive-by downloads are and the risks involved,” he says. “If you hear a major site was serving up malware through bad ads, chances are a drive-by download was involved.”

It takes a village (or at least an infrastructure) to make it work

“The threat is an ecosystem with many players,” says Banks.

Hackers can buy a list of email addresses and hire spammers to send the spam. The spam links to a hired exploit kit vendor, which drops a Trojan-downloader (itself bought from some other vendor), and the Trojan-downloader then downloads and installs the hackers’ Trojan (which is also likely based on a kit, such as ZeuS).

“People must realise that this is a thriving industry working to gain access to private data,” Banks explains. “This is driving attacks to become more sophisticated.”

The threat is multi-layered

Banks says the threat is engineered to get around security software. Keeping all software updated all the time is a necessary precaution. However, Banks says these attacks tend to involve exploit kits that could target any and all vulnerabilities.

“Make sure your security software uses multiple methods to protect against both known and unknown threats,” he says. “For example, the malware might be smart enough to circumvent antivirus software, but another layer of protection will detect and block the threat.”

The threat is personalised

“Hackers are increasingly using social engineering techniques to manipulate people into ignoring normal security precautions,” Banks warns.

“By increasing the relevance of the link to the individual user, they increase the chances of the person clicking through and giving hackers access to their data.

“Hackers often play on users’ trust by using a friend’s email address or an apparently legitimate party, like a bank or big-name company, to execute drive-by download attacks,” he explains. “People should delete any emails requesting sensitive data, be sure to research the facts when contacted by companies or friends, and be suspicious of any unsolicited contact.”
