How a Web Attack Works: The Five Stages

How a Web Attack Works


You access a hijacked website. Malware downloads silently and you don’t notice that you’re being infected.


The initial malware redirects to an exploit server using techniques based on what you’re working with (Windows/Mac/Android, IE/Safari, Flash, etc.).


Commercially available and supported exploit packs will attempt to leverage vulnerabilities in the OS, browser, Java, PDF reader, media player and other plugins.


The malware downloads a malicious or unwanted payload that will steal data or credentials, extort money, perform cryptocurrency mining, or turn your machine into a bot.


Malware calls home with sensitive data like credentials or banking and credit card information, or tricks you into paying directly, or shares cryptojacking results with a pool.