Malware tricksters launch Flash attacks

Clipboard hijacking

By Desire Athow

Wednesday, 20 August 2008, 03:57

SOME BIG WEBSITES – including Digg, MSNBC and Newsweek – are being salted with malware-infected Adobe Flash banner ads that take over users' system-wide clipboards.

Any web browser on Windows, Mac and Linux systems that runs Flash, which is almost all of them including Microsoft's Internet Exploder, Apple's Safari and Mozilla's Firefox, is said to be vulnerable.

The malicious adverts place a persistent URL on the wibbler's clipboard, which points to a fake anti-virus program that presumably contains malware like a Trojan, keyboard logger, zombie robot or rootkit. The user has to close and restart the web browser or even reboot the system in order to purge the offending URL and make their clipboard usable again.

It's apparently not known yet how the offending banner ads are being inserted or served. µ

L'Inq
Zdnet bog

Trojan horse phishes for bank accounts Under Firefox Friday, 5 December 2008, 01:06 AM Read more	Snow Leopard reviewed Mac OS X 10.6 is a faster and future-proofed update to Leopard Friday, 28 August 2009, 11:46 AM Read more
Malware spoofs AVG web site Fake site def looks the part Wednesday, 26 November 2008, 11:28 AM Read more	Apple provides virus protection in Snow Leopard upgrade Faith is not enough Wednesday, 26 August 2009, 10:47 AM Read more
AVG update cripples Windows XP Better safe than sorry Thursday, 13 November 2008, 07:39 AM Read more	Brits still suffering from the pinch The virus, not the economic downturn Wednesday, 4 February 2009, 13:41 PM Read more

Comments

Here we go!

Flash is the new IE. Adobe has made it do so much that now and gotten it in a market position that it _IS_ the new vector for malware. Everyone has it, regardless of OS, Browser, or device. Time for everyone to uninstall...

posted by : Dan, 20 August 2008 Complain about this comment

Just tried it in Linux...

I have tried the "proof of concept" linked from the referenced website. While in Windows I had to close all my FireFox instances to finally get rid of the URL, I could just overwrite it on my Linux machine - might be it only worked because I have to use the wrapper for flash because I am using 64bit Linux and Adobe so far did not release a 64bit version of his flashplayer...

posted by : Christopher Lee Thomas, 20 August 2008 Complain about this comment

As Predicted

See security related comments at

http://www.theinquirer.net/gb/inquirer/news/2008/04/30/sony-ericsson-merges-flash-java
http://www.theinquirer.net/gb/inquirer/news/2008/06/02/adobe-releases-acrobat
etc.

The problem is not just the malware in form of Adobe Macromedia Flash encapsulated ads, the problem is Adobe's inability to address security issues with its software. That is one reason why I will never install Adobe software.

If people would read up on how their privacy is being violated by Adobe Macromedia Flash, perhaps they would have another reason to uninstall the Adobe Macromedia Flash software.

DRM in Adobe Macromedia Flash would be another reason to ditch Flash for good. The sooner the better.

posted by : Flush Flash, 20 August 2008 Complain about this comment

Most read
Most commented
Most popular

INQ Whitepapers

How is windows 7 working out for you?

I've installed it and I love it

I've installed it, but I don't see what all the fuss is about

It's crap and I'm reverting/changing OS

I'm not using Windows 7 yet

I'm not using Windows 7 and have no plans to do so

View other polls

©Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Search for a job:

Recruitment Agency A-Z Directory: All
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Malware tricksters launch Flash attacks

Share this:

Business Intelligence Software

Customer Relationship Management (CRM)

Enterprise Accounting Software

Enterprise Resource Planning (ERP)

Enterprise Systems Management

QA Test Analyst - Finance

Skills required: Testing ex...

Read more

SAP NetWeaver / Basis Cons

Senior SAP Netweaver / Basi...

Read more

JAVA OR C# DEVELOPERS &#82

JAVA OR C# DEVELOPERS &#821...

Read more

Advanced Computer Scientis

Advanced Computer Scientist...

Read more

Java Developer - Finance -

Credit, Java, J2EE, Oracle,...

Read more