Google engineers have begun to work on adding the download protection of Drive-by to Chromium, the open source browser engine on which Chrome is based.
The feature is already active in the current edition of Chrome Canary and is scheduled to land in the stable version, in Chrome 73, scheduled for launch in March or April.
With regard to non-technical users of ZDNet, "drive-by download" is a term used in the information security industry (infosec) to describe a download that happens without the user's knowledge.
Not all hard disk downloads are considered malicious, since some URLs have the objective of activating a download of files when you access them.
However, when a download on a web page of an iframe hidden in its code is triggered, these types of downloads are almost always malicious.
These occur normally when the iframe elements that show ads contain malicious code that triggers the download of the disk or when users access a hacked site where hackers have left a hidden iframe to infect visitors.
"We intend to avoid downloading in sandboxed iframes that do not have a user gesture, and this restriction could be raised through a" allow-download-without-activation "keyword the user ", if it is present in the list of sandbox attributes," said Google in a public document that contains its plan of implementation of functions that it published at the beginning of this week
Google intends to add download protection for all versions of Chrome, except for that provided for iOS, which is not based on the Chromium engine, but on WebKit (Safari engine), where this one type of protection is not supported yet. .
Browsers like Internet Explorer and Firefox have been blocking hard drive downloads for years, from at least 2015.
Since this is a very useful security feature, it is also expected that other Chromium-based browsers – such as Opera, Vivaldi, Brave and Microsoft Edge – will also implement this.
In the long run, it expects this feature to thwart a lot of advertising campaigns: criminal groups that hide malicious code within ads to remove attachments of malware on users' computers.
The feature is not expected to stop attacking downloads from "hole attacks", a term that is used to describe when hackers compromise a website and leave a hidden iframe behind to activate the download of discs. This is because hackers already have access to the source code of the compromised site, and they can only use the iframe attribute that Google engineers plan to add to instruct Chrome to disable disk download protection when they are represented the iframes
Approximately 0.002117 percent of all pages loaded in Chrome trigger a hard disk download, according to Chrome statistics [1, 2].
More browser coverage: