Definition

drive-by download

What is a drive-by download?

A drive-by download is a program that is automatically downloaded to your computer without your consent or even your knowledge. Unlike a pop-up download, which asks for assent (albeit in a calculated manner likely to lead to a "yes"), a drive-by download can be initiated by simply visiting a Web site or viewing an HTML e-mail message. If your computer's security settings are lax, it may be possible for drive-by downloads to occur without any further action on your part.

Frequently, a drive-by download is installed along with a user-requested application. (In this case, the unwanted application is sometimes called a barnacle.) For example, a file sharing program might include a spyware program that tracks and reports user information for targeted marketing purposes. An associated adware program can then generate pop-up advertisements using that information.

Xupiter, an Internet Explorer toolbar program, was frequently installed as a drive-by download in the early 2000s. The program replaced a user's home page, changed browser settings, and used a redirect to take all searches to the Xupiter Web site. In some versions, the program initiated drive-by downloads of other programs. Furthermore, although it came with an uninstall utility, Xupiter was quite challenging for the average computer user to remove.

Drive-by downloads continue to be a major security issue online. In April 2007, researchers at Google discovered hundreds of thousands of Web pages that initiated drive-by downloads. One in ten pages was found to be suspect. Sophos researchers in 2008 reported that they were discovering more than 6,000 new infected Web pages every day, or about one every 14 seconds. Many of these infections are connected to botnets, in which each PC is turned into a zombie that may then be directed to further malicious activity, like spam or DDoS attacks.

This was last updated in May 2009
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchEnterpriseDesktop.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

  • Enterprise desktop tutorials

    SearchEnterpriseDesktop.com’s tutorials provide IT professionals with the latest information on implementing, managing and securing Microsoft Windows desktops including Windows Vista, Windows XP, desktop security, desktop virtualization, terminal services, application streaming, software as a service and more.

  • What USMT will and won't do

    Microsoft's User State Migration Tool does have limitations. See what it can and can't do.

  • How to handle your Vista migration

    Now that Microsoft has stopped selling Windows XP, many companies are considering whether or not to upgrade to Windows Vista. While Vista is not without its problems, many of the operating system's migration horror stories are exaggerated. Several problems can be avoided simply by following a few best practices throughout the migration process.

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: