Drive-by downloads are files that download to your device without your knowledge or consent, often just by visiting a compromised or malicious website. Unlike software you intentionally choose to download, these happen in the background—no clicks required. They can install malware, spyware, or other unwanted programs. Keeping your browser, plugins, and antivirus software up to date helps protect against them.
A well-known example is the Angler Exploit Kit, which was widely used around 2015–2016. Hackers would compromise legitimate websites or use malicious ads (malvertising) to redirect visitors to a page that secretly scanned their system for vulnerabilities—usually in outdated software like Flash, Java, or Internet Explorer. If it found a weakness, it would silently download and install malware, often ransomware or banking trojans.
Victims didn’t have to click anything—just loading the page was enough. This made drive-by downloads especially dangerous and hard to detect until it was too late.