There are countless ways a computer can be infected with malware. There are way too many to list in one post, and they change almost daily. So, rather than presenting you with the latest, most horrifying, cluster of viruses and malware preying on business and home users, we’ll explain how networks and computers can become infected, and share a few examples from our own clients.
We’re going to focus on the most prevalent infection vector right now, known as “drive-by-downloading,” but first we should start off by talking about the “classic” ways computers became infected with malware.
Once upon a time, a user had to be tricked into literally downloading and running a program. The programs that contained the viruses would often parade themselves as something useful or as having a desirable function for the user, but instead gave a hacker unauthorized access to the user’s computer. This is how these kinds of infections got the name “trojan” or “trojan horse”. The term is derived from the Trojan Horse story in Greek mythology. The ways the bad guys tricked you into running such programs varied (and some old tricks still exist today), but for the most part they actually required user intervention.
These kinds of attacks still exist. In fact, the holidays are prime time for a long-running trojan-based scam that spreads through email, parading itself as a legitimate UPS or DHL message and claiming that the recipient has packages for pickup, etc.
These days, the majority of users are actually educated on these kinds of attacks. Often people are wary of strange emails with strange attachments, unsolicited or not, and are careful about what they intentionally download (for the most part) from the internet.
So here’s where the question comes in:
“I didn’t download or run anything out of the ordinary. How did I become infected?”
Well, the bad guys got smarter and more vicious when the average user got smarter. The answer is:
Drive-by-downloading is when a user indirectly authorizes a download without understanding the consequences, or any download that happens without the knowledge of the user or without any intervention from the user. Simply stated, you visit the wrong website and you’re automatically infected. Today it’s more or less luck of the draw when it comes to visiting the wrong website. This can happen either by visiting a website that was intentionally set up to distribute malware or by visiting a legitimate website that was compromised and is being used to distribute malware.
Regarding legitimate websites that were compromised, here are a couple of examples:
One of our clients who manufactured doors had a vendor that they did legitimate business with. Well, that vendor’s website was compromised by hackers and used to distribute computer viruses via “drive-by-downloading.”
We had a remote malware removal customer who had more or less the same story. She visited the website of her daughter’s high school. Then, BAM!! Another victim of drive-by-downloading.
Advertising portals on legitimate websites get compromised and malware is indirectly delivered to you, and the list goes on and on.
Black Hat SEO
So, how do the bad guys get you to visit websites that are not legitimate and intentionally created to distribute malware? They employ a technique in the computer world known as black hat SEO (search engine optimization). Search Engine Optimization is the process of improving the volume of traffic to a website. Black hat SEO tactics are used to increase traffic to a website intended to distribute malware.
The internet is the Wild Wild West. So be careful! If you do become a victim of malicious infections, we can help!