Cyber-criminals use web exploits, drive-by downloads and exploit kits to spread malware and/or facilitate criminal activity. If a website has been compromised (hacked) or displays malicious ads, the attackers can exploit the vulnerable software on your computer. When you visit a website that tries to exploit your browser (or Flash), it will do so from the start, so staying on the site for a few minutes or one hour doesn't make any difference.
In simplistic terms, an exploit is some kind of malicious action intended to take advantage of vulnerabilities (security flaws) in a browser, program, or operating system that is out of date. A drive-by download refers to the unintentional download of a virus or malicious software that happens when you visit a compromised website that is running malicious code, or open an HTML-based email message that redirects to such a website.
There are basically two types of exploit attacks:
1. Attacks in which cyber-criminals exploit unknown software vulnerabilities (zero-day) to infect computers that are running up-to-date software.
2. Attacks in which cyber-criminals use exploit kits which take advantage of known software vulnerabilities to infect computers that are not using up-to-date software. Exploit kit activity is on the rise; see Exploit Kit Infrastructure Activity Jumps 75 Percent in 2015.
The majority of computers get infected from visiting a specially crafted webpage that exploits one or multiple software vulnerabilities. It could be by clicking a link within an email or simply browsing the net, and it happens silently without any user interaction whatsoever.
Exploit kits are a type of malicious toolkit used to exploit security holes found in software applications for the purpose of spreading malware. These kits come with pre-written exploit code and target users running insecure or outdated software applications on their computers.
Tools of the Trade: Exploit Kits
According to An Overview of Exploit Packs and their exploits (December 2014), the majority of victims were running up-to-date software when they were exploited. Code Reuse Attacks (software exploits that allow attackers to execute arbitrary code on a compromised machine) are among the most popular exploitation techniques used by attackers today, since there are few practical defenses that are able to stop such attacks on arbitrary binaries without access to source code.
Malvertising (malicious advertising) is the use of online advertising to spread malware. Attackers use online advertising channels to deliver malware to unsuspecting users by embedding malicious code within legitimate advertisements on trusted websites.