How to survive a drive-by malware attack

Illustration of a laptop with a magnifying glass exposing a beetle on-screen
(Image credit: Shutterstock / Kanoktuch)

If you spend any time surfing the web, it’s likely that sooner or later, you’re going to run into malware. It can be hiding even in the most innocuous-seeming places, including websites you’ve visited hundreds of times before. Avoiding malware and viruses entirely is virtually impossible.

The good news is that you can defend against the most common online malware attacks by taking a few preventative measures. We’ll explain how a drive-by malware attack works and how you can survive it without suffering severe damage to your computer network.

Perimeter 81 is one of TechRadar's choices for the best SWG providers

Perimeter 81 is one of TechRadar's choices for the best SWG providers

Protect your employees and network from web-based attacks with a Secure Web Gateway. Filter out malicious threats. Monitor all employee activity. Streamline compliance. Secure your entire workforce, whether on-prem or remote with Perimeter 81. Deploy in minutes. Start now.

What is a drive-by malware attack?

A drive-by malware attack is a common technique used by malicious hackers. A website is infected with malware and then that malware is passed along to any computer that connects to the website. In most cases, neither the website owner nor the site visitor has any idea that malware is being spread.

The malware spread in these drive-by attacks is often known as a Trojan, as in a Trojan horse. The infected website may look and function normally, but it’s carrying a malicious payload inside the data being sent to any device that connects to it.

Malware from a drive-by attack can be spread to computers, tablets, and even smartphones. It’s often designed to spread quickly through networks once it gains a foothold on a single device.

Depending on the type of malware being deployed, hackers can do a variety of different things. They may be able to log your keystrokes or steal sensitive information like your passwords. They may also be able to compromise your computer’s operating system and add your device to a malicious botnet. 

Worst of all, Trojans downloaded during a drive-by malware attack can open a gateway that enables attackers to deploy even more malware on your system.

How to defend against a drive-by malware attack

There’s no silver bullet for defending against drive-by malware attacks. Hackers are incredibly crafty at hiding the fact that a website has been infected and malware is constantly evolving to elude outdated defenses.

So, the best way to defend your system is to build a series of overlapping defenses. Here are four of the best precautions you can take.

1. Be wary when surfing online

One of the best ways to avoid malware online is simply to keep your guard up when you’re surfing the web. It’s nearly impossible to completely avoid infected sites since hackers are very good at covering their tracks and can infect websites without the owner or browsers realizing it. However, you can still avoid the majority of compromised websites.

Helpfully, most top web browsers have built-in security tools to warn you if a website appears unsafe. You may get a warning if the connection isn’t encrypted with an SSL certificate or if the URL matches a list of domains that are known to be compromised. Don’t ignore these warnings, as they’re a strong indicator that malware could be lying in wait if you continue to connect to the site.

You can also avoid malware by refraining from clicking on pop-up ads, banners, and any offers that sound too good to be true. These eye-catching ads are designed to get you to click and connect to an infected web page.

If you really need to connect to a site that’s suspected of harboring malware, consider using a sandbox environment. These virtual environments are walled off from the rest of your computer system, so there won’t be any damage done if you accidentally download malware from an infected website.

2. Use a secure web gateway and firewall

One of the most effective ways to prevent drive-by malware attacks is to use a secure web gateway (SWG) like Perimeter 81. An SWG is a type of software that sits between your computer and the internet. It scans websites and web applications for suspicious traffic that could be indicative of an infection. If an SWG detects potential malware, it can prevent your device from connecting to the site.

SWGs have a number of other important features, including enabling you to blacklist specific URLs across an entire computer network. They can also be used to throttle the amount of data that is transmitted between your computer and a website, help thwart an automated malware download or even prevent sensitive files from being uploaded from your computer without your knowledge.

For the most effective malware defense, an SWG should be used in combination with a firewall. While SWGs scan for malware at the level of entire websites, a firewall scans each of the individual data packets for malicious code and will prevent that packet from reaching your computer.

3. Run antivirus software

If you’ve taken the steps above and a drive-by malware attack still succeeds in depositing malicious code on your device, antivirus software can help prevent a digital catastrophe.

Antivirus software actively scans your computer for malware and can remove or quarantine any malware it finds. It will detect if you have accidentally downloaded malware and move quickly to prevent any serious damage from occurring.

4. Limit user permissions

One other important preventative measure you can take is to limit the permissions of user accounts on your device. For example, you can restrict regular user accounts from modifying your operating system settings or installing software. Only an administrator account—which you then shouldn’t use for surfing the web—will have these permissions.

In the event that you download malware in a drive-by attack on a regular user account, the amount of damage it can do will be severely restricted. In fact, some types of malware may be rendered nearly harmless if they can’t access your operating system’s settings.

Conclusion

While cautious web browsing will protect you from many drive-by malware attacks, even the most innocent-looking websites can harbor malware. So, it’s important to have the best SWG and firewall to prevent malware from making its way onto your devices. It’s also smart to have a reliable antivirus program running on your device to quickly deal with any malware that makes it through your online defenses.

Michael Graw

Michael Graw is a freelance journalist and photographer based in Bellingham, Washington. His interests span a wide range from business technology to finance to creative media, with a focus on new technology and emerging trends. Michael's work has been published in TechRadar, Tom's Guide, Business Insider, Fast Company, Salon, and Harvard Business Review. 

TOPICS