Drive-by malware refers to malware that installs itself on a user’s computer “in passing”, so to speak. “Drive by” literally means “in passing” and corresponds to the German idiom “in passing”. Just visiting a compromised website is enough to infect a computer with drive-by malware. No further action by the user is necessary, as vulnerabilities of the Internet programs are exploited here.
Drive-by malware (also known as malvertising) mostly uses ads on websites: ads are placed that contain malware. These malicious programs are programmed to exploit vulnerabilities in Internet programs (browsers). If such a security vulnerability exists, the malware automatically downloads itself to the user’s computer. This means that drive-by malware can get onto your computer just by visiting an infected website. Ads with drive-by malware are also displayed on reputable legitimate websites, such as news magazines. It is true that the operators of these websites check the ads before publication. But due to the low advertising prices, an in-depth examination is not economical. Drive-by malware is often very cleverly hidden in the ads, so it is not detected during the usual checks.
Technically, drive-by malware is a Trojan. This is because the malware is “disguised” as an advertisement. Drive-by malware can bring different types of malware onto your computer. For example: ransomware that encrypts computer contents and demands a ransom for decryption. Or spyware that spies on your data and user behavior. Or keyloggers that transmit passwords entered via the keyboard to cybercriminals.
You may encounter it every time you visit a website where advertising is placed.
