(ISC)² CISSP® Official Study Guide, Eighth Edition



(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Malicious Code

Malicious code is any script or program that performs an unwanted, unauthorized, or unknown activity on a computer system. Malicious code can take many forms, including viruses, worms, Trojan horses, documents with destructive macros, and logic bombs. It is often called malware, short for malicious software, and less commonly malcode, short for malicious code. Attackers are constantly writing and modifying malicious code for almost every type of computing device or internet-connected device. Chapter 21 covers malicious code in detail.

Methods of distributing viruses continue to evolve. Years ago, the most popular method was via floppy disks, hand-carried from system to system. Later, the most popular method was via email as either an attachment or an embedded script, and this method is still popular today. Many professionals consider drive-by downloads to be one of the most popular methods.

A drive-by download is code downloaded and installed on a user’s system without the user’s knowledge. Attackers modify the code on a web page and when the user visits, the code downloads and installs malware on the user’s system without the user’s knowledge or consent. Attackers sometimes compromise legitimate websites and add malicious code to include drive-by downloads. They also host their own malicious websites and use phishing or redirection methods to get users to the malicious website. Most drive-by downloads take advantage of vulnerabilities in unpatched systems, so keeping systems up-to-date protects them.

754 Chapter 17: Preventing and Responding to Incidents

Attackers have sometimes used “malvertising” to spread malware. They pose as legitimate companies and pay to have their ads posted on legitimate websites. If users click the ad, they are redirected to a malicious site that typically attempts a drive-by download.

Attackers frequently use a drive-by download to infect a single system, with the goal of gaining a foothold in a network. A common method is to send phishing emails with links to malicious sites along with a short phrase such as “You’ll like this” or “You have to check this out.” If users click the link, they are taken to a site that attempts to download malware. If successful, attackers use this infected computer as a pivot point to infect other computers in the network.

Another popular method of installing malware uses a pay-per-install approach. Criminals pay website operators to host their malware, which is often a fake anti-malware program (also called rogueware). The website operators are paid for every installation initiated from their website. Payments vary, but in general, successful installations on computers in the United States pay more.

Although the majority of malware arrives from the internet, some is transmitted to systems via Universal Serial Bus (USB) flash drives. Many viruses can detect when a user inserts a USB flash drive into a system. The virus then infects the drive, and when the user plugs the drive into another system, the malware infects that system.
