How To Avoid A Java Drive By

What is a Java Drive-by?

“Download of spyware, a computer virus or any kind of malware that happens without knowledge of the user. Drive-by downloads may happen by visiting a website, viewing an e-mail message or by clicking on a deceptive popup window: the user clicks on the window in the mistaken belief that, for instance, it is an error report from his own PC or that it is an innocuous advertisement popup; in such cases, the “supplier” may claim that the user “consented” to the download though he was completely unaware of having initiated a malicious software download”

How To Avoid Being Attacked

1. Download and Install Firefox and Set as Default Browser.
2. Search Add-ons or Google for No-Script
3. Install No-Script into Firefox
4. *Optional* Download and Install Ad Block Plus for Ads.

I know it will not block all attacks, but it should prevent most drive-bys from happening.

1. Update Java.

Update Java to the latest version as most of the vulnerabilities in the previous versions are fixed in the new release.
To Update Java Go HERE

2. Use Recognized Browser.

Use one of the well-known, recognized Internet browsers, such as:
1. Mozilla Firefox.
2. Google Chrome.
3. Internet Explorer.
4. Opera.
5. Safari.

3. Turn-OFF Java.

I know this can be a disaster, since you won’t be able to enjoy the internet to the full, but to be 100% safe you can use this method.

4. Don’t Trust Obscure Links.

Don’t click on a <100 words long link>, as it can be harmful. Trust short and meaningful links.

5. Use Sandbox To Browse

6. Use McAfee Site advisor or WOT.

McAfee has a product named Site Advisor, which tests the sites you visit for malicious viruses; another is WOT, an add-on for Firefox which works in the same way.

1. McAfee Site Advisor
2. WOT

NOTE: NEVER check the “Always trust content from this publisher” box, as this can be exploited.

How to Stay Safe Online

Many people think that a computer can only be infected by directly downloading a file, which is completely wrong. People also think that just having an anti-virus means they will never become infected. The internet can be one of the best places, yet one of the worst. Considering that malware is becoming more and more advanced daily (becoming undetectable, hiding under legitimate process names, disguising itself as Java applets or ActiveX components, etc.), we need to be on our toes to reduce the chances of becoming infected. I will be covering safety tips to keep your computer safe from infections.

Download an Anti-Virus

An anti-virus, or ‘AV’, is a type of software that is used to find, protect against, and remove malware. Many of the newest anti-virus programs come with great web protection, which can be vital to ensure your safety online. AVs with web protection can help you by warning you how safe a website is. Although you don’t need an anti-virus to protect you online, it is recommended that you have one to ensure maximum safety. Most companies that make AVs, such as Avast!, Kaspersky, and AVG, typically have different packages depending on the security and extra features. Of course, if you buy the Internet Security packages of these AVs, your protection online will be substantially better. Be sure to have only one anti-virus running at one time.

Download a Firewall

A firewall is a piece of software that is an essential part of your protection online. It can prevent DDoS/DoS attacks, it can prevent a hacker from infiltrating your network, it protects your privacy to a greater degree, etc. Below is a list of a few great firewalls. All have been recommended by numerous people.

Comodo Firewall
Online Armor
Zone Alarm

Avoid Torrents and Other Downloads

Why avoid torrents, when you can get all the music you want for free? Because some files in torrents might be bound to other files, namely a form of malware. It’s okay to use torrents, but be careful with what you download, and always try to download from a trusted user. The same goes for regular downloads, including games, movies, music, pictures, etc. For example, if you see a program online that you like and you don’t want to pay for it, it’s possible that it is infected. Don’t be hasty when downloading; the file can be bound with malware. Before downloading any type of file off the internet, please read the comments about the download, if there are any. It could be the thing that prevents you from getting infected. In no way, shape, or form am I saying stop using torrents and downloading offline; just be careful.

Media files (e.g. .mp3, .avi, .jpg, etc.) that are bound with malware can be easy to spot if you’re good with computers. If a media file was bound with malware, it would be called something along the lines of Songname.mp3.exe. If you see ‘.com’ or ‘.exe’ in a media file’s name, steer clear of that file, and remove it from your computer immediately.
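The check described above can be automated over a downloads folder. This is an added example, not part of the original article; the extra executable extensions and the function names `classify` and `scan` are assumptions made for the illustration.

```python
import os

# Extensions named in the article.
MEDIA_EXTS = {"mp3", "avi", "jpg"}
EXEC_EXTS = {"exe", "com"}
# Assumption (not from the article): other extensions Windows runs directly.
EXTRA_EXEC_EXTS = {"scr", "bat", "cmd", "pif"}


def classify(filename):
    """Return 'disguised', 'executable' or 'ok' for a file name."""
    # Windows ignores case and trailing dots/spaces, so normalise first.
    parts = filename.lower().rstrip(". ").split(".")
    exts = [p.strip() for p in parts[1:]]
    if not exts or exts[-1] not in EXEC_EXTS | EXTRA_EXEC_EXTS:
        return "ok"          # the last extension decides what gets run
    if any(e in MEDIA_EXTS for e in exts[:-1]):
        return "disguised"   # media extension followed by an executable one
    return "executable"      # a plain program: not hidden, still worth a look


def scan(folder):
    """Walk a folder and return (path, verdict) for every non-'ok' file."""
    findings = []
    for root, _dirs, files in os.walk(folder):
        for name in sorted(files):
            verdict = classify(name)
            if verdict != "ok":
                findings.append((os.path.join(root, name), verdict))
    return findings


# Constructed sample names, not taken from any real download.
SAMPLE_NAMES = ["Songname.mp3.exe", "Holiday.JPG.COM", "clip.avi",
                "setup.exe", "notes.txt"]

if __name__ == "__main__":
    for sample in SAMPLE_NAMES:
        print(f"{sample:20} {classify(sample)}")
```

Windows Explorer hides known file extensions by default, so Songname.mp3.exe is displayed as Songname.mp3 until “File name extensions” is turned on in the View options.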

How To Check if a File is Actually Infected

Run the file in Sandboxie. Sandboxie is a program that runs other files, programs, URLs, etc. in a secluded place on your computer, without the risk of infection. If you suspect a file is infected, you can run the file in Sandboxie, and see if it drops any traces of malware.
Run the file in a virtual machine. A virtual machine or a ‘VM’ is a program that lets you install another Operating System inside the program. This can be great to use for testing infected files, because you can run the file on the VM’s Operating System, and not on your main one. This can save you from becoming infected.
Submit the file to online malware file scanners/analyzers, such as Virus Total, NoVirusThanks, and Anubis. Virus Total and NoVirusThanks scan the submitted file with different anti-viruses and give you the results back. Anubis, on the other hand, actually sees what the submitted file does to a computer, with information such as temporary files created, registry changes, affected files, etc. These websites are outstanding when it comes to analyzing and scanning files.
Scan the file with your anti-virus. It’s as simple as it sounds. It might not be the most effective solution, but it’s quick and easy.

Avoid Phishers
‘Phishing’ is the technique of stealing user names and passwords through a fake log-in page. The fake log-in page tends to look similar, if not identical, to the original page. If you enter your information into the illegitimate log-in page, the log-in info you used will be sent to the hacker, without your knowledge of this happening.

Recently, a new type of phishing attack has been discovered. It is called ‘tab-nabbing’. Here’s what it does: Say you log into Facebook, and you need to open a new tab for whatever reason. Once it is detected you are away from the web page, the ‘tab-nabber’ changes the ‘favicon’ of the web page (in this case, Facebook). It then typically redirects you from the page, and asks you to log into the page again. You normally wouldn’t think it could be harmful to you at the moment, because you see the ‘favicon’ and you think you’re logging into the original website.

How to Prevent Falling Victim to a Phisher
Always check the URL address of the website you are about to sign into.
Don’t give out your information in e-mails that pretend to be from your bank. This is a very common method of stealing one’s credentials. The victim will receive an e-mail from their ‘bank’, asking for their credit card number, name, etc. to verify themselves, or something of the sort. The hacker then uses the information given by the victim to commit fraud, identity theft, etc. Sadly, multiple people fall victim to this.
Avoid ‘generators’. What I mean by that is: avoid programs or web pages that say they can give you “free points” or “free membership.” None of them are real; they are either malicious, fake, or even a phisher.
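What “always check the URL address” means in practice is finding the host the browser will really connect to and comparing it with the site you expect. This is an added example, not part of the original article; the function name `check_login_url` and the sample URLs are constructed for the illustration, with example.net standing in for an unknown site.

```python
from urllib.parse import urlsplit


def check_login_url(url, expected_domain):
    """Return reasons the URL is not a login page on expected_domain.

    An empty list means the host really is expected_domain or a subdomain.
    """
    parts = urlsplit(url)
    # hostname is what the browser connects to: lower-cased, without
    # userinfo, port or path.
    host = (parts.hostname or "").rstrip(".")
    problems = []
    if parts.scheme != "https":
        problems.append("not https")
    if parts.username is not None:
        problems.append("text before '@' is not the host")
    if host != expected_domain and not host.endswith("." + expected_domain):
        problems.append(f"real host is {host}")
    return problems


# Constructed URLs; example.net stands in for a site the user does not know.
SAMPLE_URLS = [
    "https://www.facebook.com/login.php",
    "http://www.facebook.com/login.php",
    "https://facebook.com.example.net/login.php",
    "https://facebook.com@example.net/login.php",
    "https://example.net/facebook.com/login.php",
]

if __name__ == "__main__":
    for sample in SAMPLE_URLS:
        print(sample, "->", check_login_url(sample, "facebook.com") or "ok")
```

Only the first sample passes: the expected name appearing somewhere in the address is not enough, it has to be the end of the host name.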

Clear Your Cookies

An HTTP cookie, more commonly known as a ‘cookie’, is a piece of text that is stored in the user’s web browser. A cookie can be used for authentication or anything else that is accomplished by storing data. You can clear your cookies and cache either through your web browser or using a program such as ATF Cleaner. The more cookies you have stored, the higher the possibility that your internet will run slower. Cookies are not malicious in any way, as they cannot execute themselves. However, they can be used as spyware, because cookies can track what you do online and can be used to invade your privacy, or even cause malware-related problems in the future.

Ways To Avoid Cookies
You can easily avoid cookies by modifying a few settings in your web browser.

Internet Explorer
Tools > Internet Options > Security Tab > Set security level to “High”, or Custom level > Cookies > Disable.

Mozilla Firefox
Tools > Options > Privacy > Cookies > Remove the check next to the “Allow sites to set cookies” option.

How To Clear Your Cookies
You can easily clear your cookies, either through a program such as CCleaner or through your web browser:

Mozilla Firefox
Click on the Tools button > Click on ‘Clear Recent History’ > Make sure the ‘Cookies’ box has a check mark next to it > Click the ‘Clear Now’ button.

Internet Explorer
Click on Safety button > Click on ‘Clear Browsing History’ > Make sure the ‘Cookies’ box has a check mark next to it > Click the ‘Delete’ button.

Google Chrome
Click on the ‘wrench icon’ on the toolbar > Click ‘Clear Browsing Data’ > Place a check mark next to ‘Delete Cookies’ > Click the ‘Clear Browsing Data’ button.

Other Security Tools
Malwarebytes’ Anti-Malware is an excellent offline malware scanner.
ESET Online Scanner is an online malware scanner. This version must be used in Internet Explorer.
ATF Cleaner is an application that cleans out temporary files, cache, cookies, etc.
HijackThis is a program that generates a log of many entries. It is an indispensable tool when it comes to finding malware. The log created is analyzed by a HijackThis Helper to determine infections. Other programs and methods are used to remove the infections. Never try to remove any entries in HijackThis if you don’t know what you are doing; it could only cause more harm!

My final advice is to use your common sense when it comes to browsing the internet. Many people run their computers and surf the internet without an anti-virus, because they tend to know what’s legitimate, and what is not, and always take caution in what they do online.