Waa maxay soo dajisyada Drive-by^{(Drive-by downloads)} ? Weerarada lagu^(Drive-by) soo dejiyo darawalku waxay dhacaan marka kombuyuutarrada nugul ay cudurka qaadaan iyagoo booqanaya bogga internetka. Natiijooyinka ka soo baxay Warbixinta Sirdoonka Amniga ee Microsoft^{(Microsoft Security Intelligence Report)} iyo qaar badan oo ka mid ah tirooyinkeedii hore waxay muujinayaan in Drive-by Exploits ay noqdeen khatarta amniga shabakadda ee ugu sareysa ee laga walwalo. Xitaa kooxda ilaalinta internetka ee EU, Shabakadda Yurub^{(European Network)} iyo Hay'adda Amniga Macluumaadka^{(Information Security Agency)} ( ENISA ) ayaa ku raacsan.

Soodejisyada lagu wado

Waa la aqbalay in weerarrada la soo dejiyo ee Drive-by^(Drive-by) ay sii ahaanayaan nooca weeraryahannada badankoodu ay jecel yihiin. Tani waa sababta oo ah weerarka si fudud ayaa loo bilaabi karaa iyada oo la isku duro kood xaasidnimo ah mareegaha sharciga ah. Marka la isku duro, koodka xaasidnimada leh ayaa laga yaabaa inuu ka faa'iidaysto nuglaanta nidaamyada hawlgalka, daalacashada webka, iyo biraawsarka shabakada sida Java , Adobe Reader , iyo Adobe Flash . Koodhka bilowga ah ee la soo dejiyo badiyaa waa yar yahay. Laakin marka uu ku soo dego kombayutarkaga, waxa uu la xidhiidhi doona kombiyuutar kale oo waxa uu soo jiidi doonaa inta kale ee codeer-ka xaasidnimada leh nidaamkaaga.

Marka la soo koobo, kombuyuutarrada nugul waxaa lagu qaadi karaa malware-ka si fudud marka la booqdo website-ka noocaas ah, iyada oo aan la isku dayin in la soo dejiyo wax. Soodejintu waxay dhacdaa iyada oo aan qofku ogayn. Kuwaas waxaa loo yaqaan Drive-by downloads.^{(In short, vulnerable computers can be infected with malware simply by visiting such a website, without attempting to download anything. Such downloads happen without the person’s knowledge. These are called Drive-by downloads.)}

Xogta cusub^(New) iyo natiijooyinku waxay iftiimiyeen baaxadda baaxadda ee goobaha la soo dejiyo lagu wado, ee martigeliyay server-yada shabakadeed ee kala duwan.

Qaar ka mid ah matalaada lagu sameeyay maqaalka iyadoo la adeegsanayo tirooyinka ayaa siinaya fikrad cadaalad ah oo ku saabsan uruurinta bogagga soo dejinta ee waddammada iyo gobollada adduunka oo dhan. Goobaha leh xooga sare ee URL^(URLs) -yada la soo dejiyo ee labada dhinacba waxaa ka mid ah,

1. Suuriya – 9.5 ^(Syria)URL^(URLs) -ka-wadista ee 1,000 URL kasta^(URLs)
2. Latfiya^(Latvia) - 6.6
3. Belarus - 5.6.

Soo dejinta Drive-by^{(Drive-by Download)} waxaa la socday Bing dhamaadkii rubuci labaad ee 2013. Sidaas awgeed, tillaabooyinka uu qaaday mashiinka raadinta si uu uga ilaaliyo isticmaaleyaasha weerarrada la soo dejiyo waxaa ka mid ah falanqaynta boggaga internetka ee ka faa'iidaysiga marka la tilmaamayo iyo soo bandhigida fariimaha digniinta ah marka liisaska boggaga la soo dejiyo lagu wado ay ka muuqdaan liiska natiijooyinka raadinta.

Ka hortag weerarrada lagu soo dejiyo Drive-by

Maqaalka TechNet wuxuu muujinayaa tillaabooyin loogu talagalay horumariyeyaasha iyo Xirfadlayaasha IT-ga^{(IT Professionals)} si loo qaado maaraynta khatarta la xiriirta weerarrada soo dejinta. Tallaabooyinka qaarkood waxaa ka mid ah:

Ka-hortagga server-yada shabakadda in la jabiyo. Seerfarrada mareegaha waa la jabin karaa haddii aan lagu haynin la cusboonaysiintii ugu dambaysay ee amniga. Haddaba,

1. Ka dhig kuwa casriyeysan nidaamka(yada) serverka
2. Software -ka lagu rakibay mareegahaan ilaa hadda
3. Ka fiirso SDL Tilmaamaha Tixraaca Amniga Degdegga^{(SDL Quick Security Reference Guides)} ah ee cusbooneysiinta
4. Ka fogow inaad^(Avoid) internetka ka baadho^(Internet) server-yada webka ama isticmaal si aad u furto lifaaqyada iimaylka iyo iimaylka.
5. Ku diwaangeli^(Register) goobtaada qalabka maamulaha mareegaha ee Bing iyo Google Webmaster , si makiinadaha wax raadinta ay si firfircoon kuugu wargeliyaan haddii ay ogaadaan wax xun goobtaada.

Isticmaale ahaan, waxaad samayn kartaa taxaddarrada soo socda:

1. Hubi^(Make) in nidaamkaaga hawlgalka Windows iyo biraawsarkaaga shabakadu ay si buuxda u cusub yihiin.
2. Isticmaal software ammaan oo wanaagsan^{(good security software )} oo mar kale hubi in uu leeyahay qeexitaanadii ugu dambeeyay had iyo jeer
3. Adeegso^(Use) addons-ka browserka ugu yar maadaama ay inta badan wax u dhacaan
4. Isticmaalka addons Scanner URL^{(URL Scanner addons )} browserkaagu waxa kale oo laga yaabaa inay noqoto ikhtiyaar aad rabto inaad tixgeliso
5. Haddii aad isticmaalayso Internet Explorer iska hubi in SmartScreen kaaga daaran yahay.
6. Ugu dambayntii, caadayso wax baadhista badbaadsan oo noqo mid doorta boggaga aad si joogto ah uga baadhayso.

Noo sheeg haddii kombayutarkaagu waligiis uu ku dhacay weerar lagu soo dejinayay darawalnimo.

Hadda akhri^{(Now read)} : Waa maxay Malvertising?^{(What is Malvertising?)}

Prevent Drive-by downloads and related malware attacks

What arе Drive-by downloads? Drive-by download attacks occur when vulnerable computers get infected by just visiting a website. Findings from Microsoft Security Intelligence Report and many of its previous volumes reveal that Drive-by Exploits have become the top web security threat to worry about. Even the EU cybersecurity group, the European Network and Information Security Agency (ENISA) agree.

Drive-by downloads

It’s accepted that Drive-by download attacks continue to be many attackers’ favorite type of attack. This is because the attack can be easily launched through the injection of malicious code to legitimate websites. Once injected, malicious code may exploit vulnerabilities in operating systems, web browsers, and web browser plugins such as Java, Adobe Reader, and Adobe Flash. The initial code that gets downloaded is usually small. But once it lands on your computer, it will contact another computer and pull the rest of the malicious coder to your system.

In short, vulnerable computers can be infected with malware simply by visiting such a website, without attempting to download anything. Such downloads happen without the person’s knowledge. These are called Drive-by downloads.

New data and findings have highlighted the relative prevalence of drive-by download sites, hosted different web server platforms.

Certain representations made in the article via figures give a fair idea of the concentration of drive-by download pages in countries and regions throughout the world. Locations with relatively high concentrations of drive-by download URLs in both quarters include,

1. Syria – 9.5 drive-by URLs for every 1,000 URLs
2. Latvia – 6.6
3. Belarus – 5.6.

The Drive-by Download concentrations were tracked by Bing at the end of the second quarter of 2013. Accordingly, the measures taken by the search engine to help protect users from drive-by download attacks include analysis of websites for exploits when indexing them and displaying warning messages when listings for drive-by download pages appear in the list of search results.

Prevent Drive-by download attacks

A TechNet article features steps for developers and IT Professionals to be taken for managing the risk related to drive-by download attacks. Some of the measures include:

Preventing web servers from being compromised. Web servers can be compromised if they are not kept updated with the latest security updates. So,

1. Keep the server’s operating system(s) up to date
2. Software installed on these web servers up to date
3. Check out SDL Quick Security Reference Guides for the latest updates
4. Avoid browsing the Internet from web servers or using them to open email and email attachments.
5. Register your site with Bing webmaster tools and Google Webmaster, so that search engines can proactively inform you if they detect something bad on your site.

As a user, you can take the following precautions:

1. Make sure your Windows operating system and web browser is fully up-to-date.
2. Use a good security software and again ensure that it has the latest definitions always
3. Use minimum browser addons as they often get compromised
4. Using a URL Scanner addons for your browser might also be an option you may want to consider
5. If you are using Internet Explorer make sure your SmartScreen is turned on.
6. And finally, develop a habit of safe browsing and be selective about which sites you browse regularly.

Do let us know if your computer has ever been infected with a drive-by download attack.

Now read: What is Malvertising?

Related posts

• Sidee Looga Fogaadaa Khayaanada Khiyaamada iyo Weerarada?

• Waa maxay Gelitaanka Fog ee Trojan? Kahortagga, Ogaanshaha & Ka saarida

• Ka saar fayraska USB Flash Drive adoo isticmaalaya Command Prompt ama Faylka Dufcada

• Rogue Security Software ama Scareware: Sida loo hubiyo, looga hortago, looga saaro?

• Waa maxay Win32:BogEnt iyo sida loo saaro?

• Waa maxay IDP.generic fayraska iyo sida loo saaro?

• Sida looga saaro Digniinta Virus-ka Microsoft ee Windows PC

• Sida looga saaro Malware-ga PC-gaaga gudaha Windows 10

• Bundleware: Qeexid, Kahortag, Hagaha saarista

• Aaladaha ka saarida Malware ee bilaashka ah si meesha looga saaro Virus gaar ah Windows 11/10

• Habka Logo Microsoft ee Maamulaha Hawsha; Ma fayras baa?

• Spyware-ka ugu Fiican iyo Software ka saarida Malware

• Hagaaji raadinta khaladka dhacay markii la wado chrome Malware Scanner

• Sidee ku heli kartaa fayraska kombiyuutarka, trojan, shaqada, spyware ama malware?

• Talooyin si aad uga ilaaliso kombiyuutarkaaga weerarka Thunderspy

• Crystal Security waa aaladda ogaanshaha Malware ee ku saleysan Cloud ee bilaashka ah ee PC

• Sida loo isticmaalo Avast Boot Scan si looga saaro Malware-ka Windows PC

• Qaabka la cayimay qalad lagama heli karo Windows 11/10

• Soo-gudbinta Malware: Halkee loo gudbiyaa faylasha malware-ka Microsoft iyo kuwa kale?

• Waa maxay Rootkit? Sidee buu u shaqeeyaa Rootkits? Rootkits ayaa sharaxay.