Drive-By Downloading

6/19/2004 10:00:09 PM

Drive-By Downloading

I discovered last week that a Trojan Horse was installed in my computer through a technique called drive-by downloading. The term "drive-by downloading" refers to downloading of executable code just by visiting webpages. Actually, it wasn't so simple; the offending webpage uses a social engineering technique that asks an obvious question to stimulate the user into clicking on the webpage, thereby causing a download to occur.

In my case, the popup was asking an obvious question, such as who is the most popular singer or is the first lady of the country, and presenting a list of three answers, only one of which was obvious.

I can't believe that it was this easy to become infected; I also couldn't believe that Internet Explorer could be so flawed as to allow an a security breach like this. This discovery led to my decision to install Windows XP Service Pack 2, despite my disinclination to run beta software on my main development machine. The installation was flawless, by the way.

Comments

 

Navigation

Categories

About

My name is Wesner Moise. I am a software entrepreneur developing revolutionary AI desktop applications. I worked as a software engineer in Microsoft Excel group for six years during the 1990s. I worked on PivotTables and wrote the most lines of code in Excel 97-- about 10 times the median developer. I have a Harvard BA in applied math/computer science and a UCLA MBA in technology entrepreneurship. I am a member of the Triple Nine Society, a 99.9 percentile high-IQ society.

Social Media