Dan Raywood
August 18, 2008

Clipboards hijacked by furtive code

Security firms are warning about a web link that is surreptitiously stored in a user's clipboard. It has been found in Adobe Flash-based advertisements on otherwise legitimate websites and has attacked clipboards on both Windows and Macs.

Mikko Hypponen, chief research officer at security firm F-Secure, said the attack repeatedly replaces the clipboard contents with what users thought they had placed there, so that each piece of information the user copies to the clipboard is successively flushed and replaced by the malicious code as the Flash file plays.

"Users have resorted to re-booting their computer to get rid of the link and others have killed the process thread," Hypponen told SCMagazineUS.com. "It is not at all obvious to the user why the clipboard doesn't work."

As to how innovative the attack seems, he added, "All our work would be so much easier if our enemies would be stupid." 

Online editor Chuck Miller contributed to this story.

Related Articles
Related Topics

More in News

Event ticketing company hacked, at least tens of thousands affected

In the state of Maine alone, more than 22,000 Vendini customers were impacted.

Idaho State University to pay HHS $400K after investigation reveals shoddy security

The U.S. Department of Health and Human Services continues to ramp up its investigations of health care-related entities as a result of breaches.

Critical vulnerablilty discovered in industrial control product

The vulnerability was found in two programmable gateway devices often used by auto, food and manufacturing businesses in the United States. Meanwhile, a new study shows attacks against utility companies are growing.