SecPlusTrainer / Glossary / What is a drive-by download attack?
D2 · Threats

What is a drive-by download attack?

A drive-by download automatically downloads and executes malware when a user simply visits a compromised or malicious website — no user action (like clicking) required.
Exploits unpatched browsers and plugins (Flash, Java, PDF readers). Defense: keep browsers/plugins updated, web filtering, browser isolation, NoScript extension. Users don't need to click anything.

Related Terms

What is adversarial AI in cybersecurity? What is an aggregation attack? What is anti-forensics? What is an attack surface?
← Back to Glossary Practice Questions →