Latest Sneaky Web Attack: Hijacking Your Clipboard To Post Spammy Links

from the now-that's-creative dept

Spammers and scammers keep upping the game against security researchers, sometimes in creative ways. And, in fact, it would appear that the latest sneaky trick making the rounds is almost admirable in its sneakiness. For example, take a look at this latest hack, which hijacks your clipboard, and repeatedly places a link to a site for fake security software. The hijack takes place through flash advertisements (even those found on legit sites), which is all the more reason to use AdBlock or FlashBlock or NoScript or something to protect you. However, what it’s banking on, is the fact that plenty of people quickly cut and paste links they want to send around or post in other blogs and forums. When done quickly, many people won’t even notice that they’re not pasting the link they thought they cut from elsewhere — thus getting lots of folks to inadvertently spam links. This must be incredibly annoying for those who get hit with it, but that doesn’t take away from the creativeness of the attack itself. Even security researchers, like Mikko Hypponen, are grudgingly tipping their hats on this hack: “It is a pretty clever technique. Our work would be so much easier if our enemy would be stupid.”

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Latest Sneaky Web Attack: Hijacking Your Clipboard To Post Spammy Links”

Subscribe: RSS Leave a comment
18 Comments
Nick Stamoulis (user link) says:

Wow! Thats pretty sneaky…they never fail to think up new ways to spam huh? Speaking of new ways of spamming, our friend Kate Dickman recently found a malware/spam site randomly ranking for her name on the Google SERP

http://katedickman.com/2008/08/17/oh-my-word-a-new-way-to-spam-serp-spam/

… scary how many ways they can get you.

Igor says:

Re: Re:

It is incredibly sneaky and seems to me more like an exercise than anything really practical. I mean, how many people will paste something they know they never copied, and then still allow that alien text to go out to the world? Additionally, it seems that any kidn of quality security software will head this one off, so I can’t see it being a threat. Cute little piece of code though, I’ll give them that.

Kate Dickman says:

@Dave Barnes Well what I’m getting and what you’re getting must be different. When I click on the link – it starts psychotically scanning the computer with tons of pop ups and porn photos and prompts an .exe file to be executed….you’re bold. I DEFINITELY didn’t intstall it so whether it infects your computer or not – I’m not wlling to take the chance. It seems to be a spammy site with the opportunity to infect your computer with malware. The fact that a sketchy spammy site like that even RANKS for my name out of nowhere — is spammy enough and a security risk in my opinion.

Peter Thomas (user link) says:

Re: Re:

I’m willing to bet that Dave is a smug Linux or Apple Mac user. Basically, he’s saying “I’m better than you because you’re a pleb using that common operating system which I dare not even name!”

(For the record, I’m a user of Windows, Linux and Apple Mac, even at home. I’m platform-agnostic, I just use whatever is best for the job. I think anyone who gets involved in these OS pissing contests seriously needs to grow a pair.)

Kate Dickman (user link) says:

@Dave Barnes Well what I’m getting and what you’re getting must be different. When I click on the link – it starts psychotically scanning the computer with tons of pop ups and porn photos and prompts an .exe file to be executed….you’re bold. I DEFINITELY didn’t intstall it so whether it infects your computer or not – I’m not wlling to take the chance. It seems to be a spammy site with the opportunity to infect your computer with malware. The fact that a sketchy spammy site like that even RANKS for my name out of nowhere — is spammy enough and a security risk in my opinion.

Andrew D. Todd (user link) says:

Dysfunctional Relationship

Mozilla needs to recognize that it has a dysfunctional relationship with Adobe. If Mozilla will not recognize this, then forking is in order. Once the dysfunctional relationship is recognized, the remedies are fairly simple.

I’ll try not to be smug like Dave, but I’ve got a Windows Machine and a Linux machine on the same desk, with a KVM switch and so forth to tie them together, and I’m sort of gradually transitioning over to the Linux machine. On the Linux machine, (Gnome) Evince is a basically satisfactory Acrobat document reader. It doesn’t do some of the advanced scripting features, but it seems to read essentially any real-world Acrobat document I try it on. Mozilla needs to come up with the funding to get Evince ported to Windows, and to bundle it into the various Windows Mozilla distributions. I understand that GNASH, the Free Software Foundation’s replacement for Flash, is not as far along as Evince, and no doubt some additional work would be in order. People may still need to use Adobe products, but let this be reserved for the rare cases of files which will not run on Evince or GNASH, and let people choose to save the files and then run them, as a matter of calculated risk.

Thom says:

No Flash

When I finally got around to installing XP back in 2003 the first thing I did was tweak it and remove all the unnecessary cruft. One of the first pieces of cruft I removed was Flash and it hasn’t been back in the five years since.

Is there a rare YouTube video that I’d be inclined to view but can’t? Sure. Is there an occassional website I’d like to visit but can’t because it’s Flash only? Sure. Those cases are rare though and rarer still are the instances where the desire has been more than a fleeting fancy and caused me to sit down at another pc.

What’s not so rare are the hundreds of thousands of dollars that Flash only websites have lost because I turned to their competitors. What’s not so rare are the security vulnerabilities that I don’t have to fret about. What’s exhiliratingly exceedingly abundant are all the Flash ads that never load to slow my browsing experience or annoy and distract me.

Flash is the tool of satan, umm marketing but they’re one and the same, and no such tool will ever reside on my PC.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...