A new web-based attack is making the rounds that tries to spread poisonous links by hijacking end users' clipboards.

Forum discussions here, here, here, here and elsewhere all report the same thing: the commenter surfs to a seemingly legitimate site (MSNBC.com comes up more than once) and suddenly a malicious link is copied to the clipboard. The rogue link remains even after the user copies a new batch of text. The only way to remove it is to reboot the computer.

The attack has been reported by Firefox users running both OS X and Windows, but we wouldn't be surprised to hear that other browsers and operating systems are also vulnerable. It's unclear exactly how the attack spreads. The Spyware Sucks blog posits here that banner ads transmitting bad Adobe Flash code is responsible, and that makes sense to us.

If you've encountered this attack, please leave a comment below detailing exactly where you encountered it.

Those behind the attack appear intent on propagating a link (for the record, it's xp-vista-update.net, but we recommend staying away) that claims users' PCs are petri dishes hopelessly infected with malware unless they are immediately cleaned by a fraudulent anti-malware program. By permanently attaching the link to the clipboard, attackers are betting the user will paste it in emails, blog posts or directly into a browser's address bar.

Attacks like these are another reason why running the NoScript extension on Firefox makes a lot of sense. It's not perfect, but it can insulate you from a huge amount of the attack code floating around on the web.

Source: The Register

TrackBack URI for this entry

Comments (0)

Subscribe to this comment's feed

Show/Hide comments

Show/Hide comment form

Name

Email

Title

Comment

smaller | bigger

Subscribe via email (Registered users only)

I have read and agree to the Terms of Usage.

Write the displayed characters

Add Comment