Google warns of drive-by downloads

by admin February 19, 2008 at 4:02 pm

Drive-by downloads, in which malicious websites exploit browser vulnerabilities to execute malicious code, have increased since April 2007, warned Google researchers last week.

In April 2007, fewer than 0.4 percent of searches returned at least one harmful result. However, this had increased to over 1.3 percent in January 2008, warned Google researcher Niels Provos in a Google blog post.

Drive-by downloads are caused by URLs that attempt to exploit their visitors and cause malware to be installed and run automatically. The malicious sites target web-browser vulnerabilities to automatically download and run the binary when a user visits the site. Targeting web-browser vulnerabilities can circumvent some traditional security systems, such as firewalls.

Full article: ZDNet.co.uk