Technology news and Jobs 
Information Technology News Adobe Flash fingered in malware clipboard trickery
Information Technology News Adobe Flash fingered in malware clipboard trickery | Adobe Flash fingered in malware clipboard trickery |
|
| by Stephen Withers | |
| Wednesday, 20 August 2008 | |
|
According to security vendor Sophos, many users have found that if they copy a URL from certain legitimate sites and then try to paste that link, what actually appears is a completely different URL. In cases that Sophos has investigated, the destination site generates a bogus warning that the computer is infected with malware and offers to clean it - at a price. The same trick could be used to drive traffic to sites that really do download malware to visitors' computers. While it is relatively unusual to copy a URL from a web page and then paste it into a browser (unless you are looking for differences in the way the page is rendered), it's common to paste a URL into a document (eg, in Word or PowerPoint), into an email or instant message to share the page with a friend of colleague, or to include it in a comment in a blog or other web site. Since the problems start after visiting legitimate sites, Sophos officials speculate that the attackers have managed to poison Flash content in an advertising stream with code that modifies the clipboard. While Flash offers a method for setting the system clipboard, it does not provide a method for reading it "because of security concerns," according to Adobe's documentation.
|
Tags
| < Next story in category | Previous story in the category > |
|---|
