Engineers at Google are working on drive-by download protection for Chromium. Googles Chrome browser is based on the open-source engine Chromium. The feature is already on Chrome Canary edition, while a stable version will be on Chrome 73 when released in March or April.
Drive-by Download
A drive-by download is a term used for a download that occurs when the user isn’t aware. Some downloads are designed that way, such as URLs that trigger a download when accessed. Other files, however, such as those containing an iframe element, are often malicious.
Many iframe elements that contain ads trigger malicious code to trigger a download. This malware allows hackers to access the computer. Hackers also leave iframes on hacked sites to infect unsuspecting visitors.
According to Chrome statistics, around 0.002117 percent of pages loaded in Chrome, trigger a drive-by download.
Updated Chrome Versions
Google plans to include drive-by download protection in all Chrome versions. Apple’s iOS version won’t be getting the update, however, as it isn’t based on Chromium. The iOS version is based on WebKit (Safari) which doesn’t yet support this protection.
Other Browser Adoption
Internet Explorer and Firefox have been blocking drive-by downloads since at least 2015. However, other Chromium-based browsers are also expected to adopt this security feature. These browsers include Opera, Vivaldi, Brave and Microsoft Edge.
Adding this feature is expected to help reduce the number of attacks from malvertising campaigns. These campaigns hide malicious code inside ads to place infected malware files on user’s computers.
Ineffective for Compromised Websites
Chrome’s addition of drive-by download protection, won’t stop all iframe attacks. When hackers leave a hidden iframe in an existing website, users can still trigger the drive-by download without realising.
Because hackers will already have access to the code, they can instruct the iframe attribute in Google’s new feature to disable the protection.