WHAT IS A DRIVE-BY DOWNLOAD?
A Typical Attack Scenario
A common scenario involves an attacker compromising a legitimate website (techniques not covered here) that they know their victims will browse to naturally, or that they lure them to via social techniques such as phishing emails or social media. In this specific scenario, once the user connects to the site, a malicious Java class file loads and exploits a vulnerability in the browser’s Java plugin. Once the plugin is exploited, the malicious code downloads the executable payload (here, a Remote Access Trojan), which silently gives the attacker remote access to the victim’s computer.
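From the defender's side, the chain described above (a Java class file loads, then the Java runtime itself fetches a binary) is visible in web proxy logs. The following is an added example, not part of the original page: it flags a client whose Java user agent loads a `.class` or `.jar` file and then downloads a binary shortly afterwards. The log format, host names, content-type list and 60-second window are assumptions made for illustration.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample proxy log (not real traffic): time, client, user agent, URL, content type.
SAMPLE_LOG = """\
2024-01-10T09:00:01,10.0.0.5,Mozilla/5.0 (Windows NT 6.1),http://news.example/index.html,text/html
2024-01-10T09:00:03,10.0.0.5,Java/1.7.0_09,http://news.example/ads/Loader.class,application/java-vm
2024-01-10T09:00:06,10.0.0.5,Java/1.7.0_09,http://cdn.example/u/update.dat,application/octet-stream
2024-01-10T09:05:00,10.0.0.8,Java/1.8.0_201,http://intranet.example/app/tool.jar,application/java-archive
2024-01-10T09:30:00,10.0.0.9,Mozilla/5.0 (Windows NT 6.1),http://vendor.example/setup.exe,application/x-msdownload
"""

APPLET_EXT = (".class", ".jar")  # files the Java plugin loads
PAYLOAD_TYPES = {"application/octet-stream", "application/x-msdownload", "application/x-dosexec"}
WINDOW = timedelta(seconds=60)   # assumed maximum gap between applet load and payload fetch

def find_chains(log_text):
    """Return (client, applet_url, payload_url) for each Java applet load followed by a binary download."""
    last_applet = {}  # client -> (time, url) of the most recent applet fetch
    alerts = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 5:
            continue  # skip blank or malformed lines
        ts, client, ua, url, ctype = row
        if "Java/" not in ua:
            continue  # only requests made by the Java runtime are of interest
        when = datetime.fromisoformat(ts)
        path = url.split("?", 1)[0].lower()
        if path.endswith(APPLET_EXT):
            last_applet[client] = (when, url)
        elif ctype in PAYLOAD_TYPES or path.endswith(".exe"):
            seen = last_applet.get(client)
            if seen and when - seen[0] <= WINDOW:
                alerts.append((client, seen[1], url))
    return alerts

if __name__ == "__main__":
    for client, applet, payload in find_chains(SAMPLE_LOG):
        print(f"ALERT {client}: applet {applet} followed by binary download {payload}")
```

This is a heuristic: legitimate Java applications also download binary content, so a hit is a lead for triage rather than a verdict.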