What is a drive-by virus?
The term virus is perhaps not fully accurate as it isn't a particular virus but a method by which some form of malware (malicious software) can be caught. The drive-by effect is to make the user run a programme
that then has unwanted consequences. In short, the activity is centred on home wireless routers where a seemingly anodyne Java applet or Direct-X control can be used to gain access to a personal computer and then make it ripe for infection with any form of malware.How can a computer become infected with a virus?
It is only if a user runs a programme that a virus can be caught. That is why an e-mail cannot in itself infect a computer; an attachment, however can as by clicking on it you may be asking your computer to do just that. With a drive-by virus, when you open a web page and then accept to run a Java Applet or Active-X control, you are asking your computer to run a programme. Fraudsters exploit the fact that many people are not conscious of what they are doing as many are so used to blindly accepting to run these kind of add-ons to a web page.How does a drive-by virus work?
What the virus does is to exploit the way that home wireless networks are set up to gain access to the computer from inside, thereby circumventing the protection offered by a firewall. The effect will depend very much on what the intention of the malware is but often it leads to capturing details submitted to a genuine site such as e-banking. This is known as pharming
. There is a distinction to be made with phishing
where data is submitted to a spoof website. Most anti-virus applications can help in countering phishing but not pharming because the malware is running inside the firewall.Where can I get more information?
The phenomenon is not new. Already in December 2006, Symantec Inc. published a study
"Drive-by Pharming" in which the process is described and the vulnerabilities exposed.
Some specialists have run tests comparing different browsers to see how vulnerable they are to this form of attack but, as it has been pointed out
, although updates and upgrades are available which may solve a part of the problem, there remains a large number of internet users who do not install these.
At the same time, an experiment
carried out by IT safety professional Didier Stevens shows that we compromise our own safety by following links which are explicitly marked as a way of getting a virus.How can I protect myself?
Fundamentally, the best form of protection is awareness and behaving responsibly on-line: