The Be Sure Blog


Drive-by attack hacking

posted on 25.1.2023 by Below Surface in "Cyber Security"

“Drive-by attacks”, also called “drive-by downloads”, are a common way to distribute malware to victims' machines. Attackers search for insecure websites and plant their malicious code in the HTTP or PHP code. This code either installs malware on the victim's computer directly or redirects the victim, via an iframe, to another site that is controlled by the attackers. The code is usually written in a way that makes it harder for security personnel to analyze. This form of attack is called drive-by because no action by the user is required other than visiting the compromised website. The attack only works if the user's browser and operating system have open security vulnerabilities. It usually relies on dynamic functions and technologies such as JavaScript, Ajax, Java and Adobe Flash, which allow websites to be updated without user action through continuous communication between client and server. Normally these tasks run in a so-called sandbox. By exploiting security issues, however, the attackers can break out of the sandbox and access the client system directly.


Needed for the attack:


Solution:


Sources:

https://encyclopedia.kaspersky.com/glossary/drive-by-attack/
https://de.wikipedia.org/wiki/Drive-by-Download
