Malware 101: How do I get malware? Complex attacks


In other posts, we’ve explained the different types of malware on the threat landscape, and some of the less complicated ways your computer can become infected with malware. In this article we’ll talk about the more complicated types of attacks that cybercriminals use to try to get your information.


Exploit Kit

Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a target’s computer. The kits come with prewritten code that searches for vulnerabilities; once one is found, the kit can inject malware into the computer through that security hole.

Malicious Websites and Drive-by-downloads

A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit. There is no interaction needed on the user’s part other than visiting the infected webpage. The exploit kit will look for a vulnerability in the software of the browser, and inject malware via the security hole.


Malicious advertising is a relatively new threat that is rising in popularity among cybercriminals. The hacker purchases legitimate advertising space on legitimate websites and places malicious code within the ad. As with a drive-by-download, no interaction is needed on the user’s part to download the malware.

Man-in-the-middle (MitM) Attack

A Man-in-the-middle (MitM) attack makes use of an unsecured or poorly secured Wi-Fi router, usually a public one. The hacker scans the router using special code, looking for certain weaknesses such as default or poor passwords. Once the attacker has found the vulnerability, they insert themselves between the user’s computer and the websites the user visits, and intercept the messages being transmitted between the two.

Man-in-the-browser (MitB) Attack

In this attack, which is similar to a MitM attack, all an attacker needs to do is inject malware into the computer, which then installs itself into the browser without the user’s knowledge. This malware records the data being sent between the victim and specifically targeted websites. Once the malware has collected the data it was programmed to collect, it transmits that data back to the attacker. While the two attacks have the same goal, this attack is simpler in nature, as the attacker does not need to be within physical proximity of a router as in a MitM attack.

Social Engineering

Social engineering is one of the most popular malware delivery methods, because it involves the manipulation of human emotions. Social engineering uses spam phishing via email, instant messages, social media and more. The goal is to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware. Usually, the messages come in the form of a scare tactic, stating that there is something wrong with an account, and that the user should immediately click on the link to log into their account or download an attachment that conceals malware. The link will lead the user to a copy of the legitimate website, in the hopes that the user will enter their credentials for the site so they can be captured by the cybercriminal.

  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 

