Drive-by downloads are a major entry point for sophisticated threat actors to deploy destructive ransomware. And cybercrime research shows these attacks are not limited to unwanted browser extensions and tech support scams but are also executed through threats like SocGolish, GootLoader, DarkTortilla, and others.
Keith Jarvis, CTU technical lead for cybercrime research, investigates the state of the drive-by download in 2022 where it maintains its place amongst malspam, scan-and-exploit, and credential theft as the preferred infection vector for malware. Keeping up-to-date on these and other evolving threats helps prepare your organization to defend against attack.