ENTRY POINT
You access a hijacked website. Malware downloads silently and you don’t notice that you’re being infected.
DISTRIBUTION
The initial malware redirects to an exploit server using techniques based on what you’re working with (Windows/Mac/Android, IE/Safari, Flash, etc.).
EXPLOIT
Commercially available and supported exploit packs will attempt to leverage vulnerabilities in the OS, browser, Java, PDF reader, media player and other plugins.
INFECTION
The malware downloads a malicious or unwanted payload that will steal data or credentials, extort money, perform cryptocurrency mining, or turn your machine into a bot.
EXECUTION
Malware calls home with sensitive data like credentials or banking and credit card information, or tricks you into paying directly, or shares cryptojacking results with a pool.