Since 2010 I was following the browser exploits of (Silent Java drive by) methods and techniques, and after 2016 I’ve never heard of another “silent drive by” on the Markets, but another critical thing came through Browser Local storage.
as an example, to show how an attacker could force any PC system to download a executable file onto the system just directing the victim to visit a webpage no clicks needed.
Unlike the old Java Drive by methods which have been patched for many years, which used jar applets to allow VBS to execute on the local systems browser TMP folder.
This exploit works by using the browser Local Storage abilities, 90% of web browsers have built in Local Storage cache abilities which allow the them to store files onto the system and reference to these files later when re visiting the website. This allows the browser to reload images and video / SWF content of the website faster than it would normally load the content on the webpage by download.