Pastejacking Attack Appends Malicious Terminal Commands To Your Clipboard

An anonymous reader writes: "It has been possible for a long time for developers to use CSS to append malicious content to the clipboard without a user noticing and thus fool them into executing unwanted terminal commands," writes Softpedia. "This type of attack is known as clipboard hijacking, and in most scenarios, is useless, except when the user copies something inside their terminal." Security researcher Dylan Ayrey published a new version of this attack last week, which uses only JavaScript as the attack medium, giving the attack more versatility and making it now easier to carry out. The attack is called Pastejacking and it uses Javascript to theoretically allow attackers to add their malicious code to the entire page to run commands behind a user's back when they paste anything inside the console. "The attack can be deadly if combined with tech support or phishing emails," writes Softpedia. "Users might think they're copying innocent text into their console, but in fact, they're running the crook's exploit for them."

Open source unix virus

[140Mandak262Jamuna]

Clip board and command line? Wasn't there already a unix virus like that?

Subject: Unix virus

You have been attacked by the unix virus. Please forward this mail to everyone in your .mailrc and delete a bunch of files from $home

Re:Open source unix virus

[BlackPignouf]

My favorite is still writing

echo "sleep 1" >> ~/.profile

inside the .profile of my colleagues when they leave their terminal open.
A few weeks after, I complain that my Windows desktop seems to be always booting slower and slower, but that hopefully, it's never been a problem with Linux.