Unlike traditional malware, such as viruses or trojans that are usually created by thrill-seeking individuals trying to cause chaos, exploits are part of a growing category of malicious and frequently for-profit applications used by international criminal cyber gangs.
Most exploit infections occur by what's known as a drive-by download, in which malicious code is force-downloaded onto a user's computer without their knowledge.
This occurs the moment the user visits a compromised web site, which may well appear completely innocuous. The payload, usually in the form of a rootkit, then exposes the user to damage from spyware, keyloggers, and other crimeware.
Many Internet users mistakenly believe as long as they're not visiting pornographic or illegal file sharing sites, they're safe from exploits. The truth, however, is that even trusted web sites cannot always be trusted.
Similar to the business model employed by spammers, the exploit distributors use a tiered distribution system, usually composed of a single master exploit server that controls a large network of servers hosting innocent-seeming web sites that in turn act as lures for unsuspecting visitors.