Adobe investigates clipboard heist

Share this article:
Updated Thursday, Aug. 21 at 2:13 p.m. EST

Adobe said on Tuesday night that it is investigating Flash-based banner advertisements being used to hijack the clipboard program on victim's PCs.

"Adobe is currently investigating potential solutions to this issue and will update customers as soon as we have more information to provide," the company said on its Adobe Product Security Incident Response Team blog.

The attack can occur when users surf to a legitimate website hosting a rogue Flash ad, only to have a malicious URL copied to their clipboard, security experts said. The victims are unable to remove this link, which points to a fake anti-virus product for sale, without killing processes or restarting their computers.

Exploits, first reported on message boards last month, affect all of the major browsers, including Internet Explorer, Safari and Firefox.

Users are advised to deactivate the Flash Player and ActionScript, the programming language of Flash.

Sandi Hardmeier, author of the Spyware Sucks blog, told SCMagazineUS.com on Tuesday that the NoScript add-on in Firefox does not work to prevent against the attack.

A potential alternative is the Flashblock plug-in.

But Giorgio Maone, an Italian software developer, disputed Hardmeier's claims. He told SCMagazineUS.com in an email on Wednesday that NoScript does protect against Flash-based attacks
when set in its default configuration.





Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

More in News

Researchers observe more than a hundred connections to 'Backoff' sinkhole

Researchers with Kaspersky Lab were able to sinkhole two command-and-control servers used by certain Backoff point-of-sale malware samples.

Judge lifts stay but Microsoft won't hand over emails during appeal

A judge has lifted a suspension of a previous order compelling Microsoft to hand over customer emails stored on a server in Ireland.

Home Depot investigates possible payment card breach

Home Depot investigates possible payment card breach

Home Depot said on Tuesday that it is working with its banking partners and law enforcement to investigate a possible data breach.