cold_fire

Interesting Clipboard hijacking attack released

11 posts in this topic

Being an avid Slashdot reader, I noticed this in the RSS just now:

Adobe Flash Ads Launching Clipboard Hijack Attacks

Going to the Demo (WARNING, clicking on this link WILL hijack your clipboard, on any OS and any browser, it may require a restart. <insert standard disclaimer>), my clipboard (Ubuntu 8.04 and Firefox 3) is filled with a link to http://www.evil.com. Just thought this was an interesting new method of attack through web applications, as well as another reason to use flashblock. What do you think?

I don't think setting the clipboard is too much of a big deal. However, grabbing the clipboard might be a bit nasty.

Yes, I will agree that hijacking the clipboard isn't a big deal really, but it can convince some of the inexperienced computer users to spam and report malicious URLs in forums, IRC, and otherwise. Just thought it was interesting, although I haven't had a chance to take a look at the code... I should do that sometime when I'm not busy.

It could really just become more of an annoyance than a security issue. If a lot of sites are implementing this, you could have a new link in your clipboard every 10 seconds :lol:

If a lot of sites are implementing this they'll lose a lot of users.

Very cool though.

Yet another good reason not to install Flash. Other than it really sucks running Flash in 64-bit Linux.

> It could really just become more of an annoyance than a security issue. If a lot of sites are implementing this, you could have a new link in your clipboard every 10 seconds :lol:

I believe this is the big key here: it is not the specific security risk, but the ad / marketing abuse that could occur. What if I was copy pasta some serious school work and I get a paragraph dropped because I was on some website that hijacked my clipboard?

> It could really just become more of an annoyance than a security issue.

What if they happened to place an exploit into the clipboard, such as a suspicious jpeg or the like which would cause a buffer overflow and remote execution on your machine as soon as it was pasted somewhere?

Do virus scanners actively check the clipboard? Or do they assume that it must be safe as the contents must have been copied from somewhere which was previously scanned....

Cheers,

Mungewell.

> It could really just become more of an annoyance than a security issue.
>
> What if they happened to place an exploit into the clipboard, such as a suspicious jpeg or the like which would cause a buffer overflow and remote execution on your machine as soon as it was pasted somewhere?

The chances of this actually working are so slim that it's practically impossible for this type of attack to occur.

> Do virus scanners actively check the clipboard? Or do they assume that it must be safe as the contents must have been copied from somewhere which was previously scanned....
>
> Cheers,
>
> Mungewell.

Some check it, some don't.

Edited by WhatChout
> It could really just become more of an annoyance than a security issue. If a lot of sites are implementing this, you could have a new link in your clipboard every 10 seconds :lol:
>
> I believe this is the big key here: it is not the specific security risk, but the ad / marketing abuse that could occur. What if I was copy pasta some serious school work and I get a paragraph dropped because I was on some website that hijacked my clipboard?

Yes that's exactly what I was getting at, although being just an annoyance and not a horrendous security risk, it still is spam. Just another form of spam, which, really, is the last thing we need.

haha...copy pasta..


I think we're going to see a lot more intrusive client-side attacks like this as RIA applications continue to be deployed on the web, especially with Silverlight, AIR, Curl, etc. beginning to take off.
