Flash banners manipulate the clipboard
A new Flash based clipboard attack on web browsers underscores how Adobe's Flash Player and ActionScript can make PCs vulnerable, as security experts have warned in the past.
According to US media reports, Flash banners that appeared on websites for Newsweek, Digg and MSNBC manipulated the clipboards on visitors' PCs. The banners copied the URL of a site, to the clipboard, that was supposedly an online antivirus scanner. This then sought to convince users to purchase software by frightening them with the message that their PCs were infected by a virus. Users who are in the habit of copying links from text and pasting them into their browser's address line were likely to have copied the URL to the spammers' site and ended up there.
The clipboard attack works under Windows and Linux, as well as on Mac OS X. The unfortunate side-effect of the attack is that as soon as the specially crafted Flash banner is loaded into the page, the user no longer has control of the clipboard and cannot copy anything to it. Security expert Aviv Raff provided a harmless demo of the attack at http://raffon.net/research/flash/cb/test.html; it writes the URL www.evil.com to the clipboard overwriting any other data on the clipboard. To regain control of the clipboard, the user merely has to close the browser window or affected tab. To defend against the attack, deactivate the Flash player or install a Flash blocker.
See also:
- Can not copy and paste, Forum entry on Ubuntu Forums
- Clipboard being taken over through website, Apple Discussions forum entry
(djwm)