Adobe Flash Ads Launching Clipboard Hijack Attacks

Posted by kdawson on Tuesday August 19, 2008 @01:54PM from the poisoning-the-ad-pool dept.

bullyBEEF writes "Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks. In the Web attacks, which affect Mac, Windows, and Linux users running Firefox, IE, and Safari, bad guys are seizing control of the machine's clipboard (probably using the Flash command setClipboard) and inserting a hard-to-delete URL that points to a fake anti-virus program. A number of legitimate sites have been seen to host ads carrying the attack — including Newsweek, Digg, and MSNBC.com. Researcher Aviv Raff offers a harmless demo of how it's done."

2 of 353 comments (clear)

Min score:

Reason:

Sort:

Re:confirmed on mac os x 10.5.4 by Anonymous Coward · 2008-08-19 16:26 · Score: -1, Troll

I'm interested how this flash movie stays in memory and keeps running. I seems like it attaches to something to keep its instance running.

It somehow attaches to something to magically keep its instance running ... or ... it copies its data to the fuckin' clipboard in a fraction of a second and has no need to keep running.
Re:Remind me again... Why has Flash clipboard acce by Anonymous Coward · 2008-08-19 17:22 · Score: -1, Troll

Because you touch yourself at night.