In association with heise online

19 August 2008, 16:34

Flash banners manipulate the clipboard

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A new Flash based clipboard attack on web browsers underscores how Adobe's Flash Player and ActionScript can make PCs vulnerable, as security experts have warned in the past.

According to US media reports, Flash banners that appeared on websites for Newsweek, Digg and MSNBC manipulated the clipboards on visitors' PCs. The banners copied the URL of a site, to the clipboard, that was supposedly an online antivirus scanner. This then sought to convince users to purchase software by frightening them with the message that their PCs were infected by a virus. Users who are in the habit of copying links from text and pasting them into their browser's address line were likely to have copied the URL to the spammers' site and ended up there.

The clipboard attack works under Windows and Linux, as well as on Mac OS X. The unfortunate side-effect of the attack is that as soon as the specially crafted Flash banner is loaded into the page, the user no longer has control of the clipboard and cannot copy anything to it. Security expert Aviv Raff provided a harmless demo of the attack at; it writes the URL to the clipboard overwriting any other data on the clipboard. To regain control of the clipboard, the user merely has to close the browser window or affected tab. To defend against the attack, deactivate the Flash player or install a Flash blocker.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit