Malware tricksters launch Flash attacks

Clipboard hijacking

By Egan Orion

Wednesday, 20 August 2008, 03:57

SOME BIG WEBSITES – including Digg, MSNBC and Newsweek – are being salted with malware-infected Adobe Flash banner ads that take over users' system-wide clipboards.

Any web browser on Windows, Mac and Linux systems that runs Flash, which is almost all of them including Microsoft's Internet Exploder, Apple's Safari and Mozilla's Firefox, is said to be vulnerable.

The malicious adverts place a persistent URL on the wibbler's clipboard, which points to a fake anti-virus program that presumably contains malware like a Trojan, keyboard logger, zombie robot or rootkit. The user has to close and restart the web browser or even reboot the system in order to purge the offending URL and make their clipboard usable again.

It's apparently not known yet how the offending banner ads are being inserted or served. µ

L'Inq
Zdnet bog

Trojan horse phishes for bank accounts Under Firefox Friday, 5 December 2008, 01:06 AM Read more	Snow Leopard reviewed Mac OS X 10.6 is a faster and future-proofed update to Leopard Friday, 28 August 2009, 11:46 AM Read more
Apple provides virus protection in Snow Leopard upgrade Faith is not enough Wednesday, 26 August 2009, 10:47 AM Read more	Brits still suffering from the pinch The virus, not the economic downturn Wednesday, 4 February 2009, 13:41 PM Read more
Javascript debugging Three ways to edit and debug Javascript code Friday, 7 August 2009, 10:14 AM Read more	iWork trojan turns Macs into Zombies But they are too stupid to notice Monday, 20 April 2009, 17:16 PM Read more

Comments

Here we go!

Flash is the new IE. Adobe has made it do so much that now and gotten it in a market position that it _IS_ the new vector for malware. Everyone has it, regardless of OS, Browser, or device. Time for everyone to uninstall...

posted by : Dan, 20 August 2008 Complain about this comment

Just tried it in Linux...

I have tried the "proof of concept" linked from the referenced website. While in Windows I had to close all my FireFox instances to finally get rid of the URL, I could just overwrite it on my Linux machine - might be it only worked because I have to use the wrapper for flash because I am using 64bit Linux and Adobe so far did not release a 64bit version of his flashplayer...

posted by : Christopher Lee Thomas, 20 August 2008 Complain about this comment

As Predicted

See security related comments at

http://www.theinquirer.net/gb/inquirer/news/2008/04/30/sony-ericsson-merges-flash-java
http://www.theinquirer.net/gb/inquirer/news/2008/06/02/adobe-releases-acrobat
etc.

The problem is not just the malware in form of Adobe Macromedia Flash encapsulated ads, the problem is Adobe's inability to address security issues with its software. That is one reason why I will never install Adobe software.

If people would read up on how their privacy is being violated by Adobe Macromedia Flash, perhaps they would have another reason to uninstall the Adobe Macromedia Flash software.

DRM in Adobe Macromedia Flash would be another reason to ditch Flash for good. The sooner the better.

posted by : Flush Flash, 20 August 2008 Complain about this comment

Most read
Most commented
Most popular

INQ Whitepapers

Will you be buying a new computer this Christmas?

Yes, a new computer will be under the tree

Yes, a netbook will fit my stocking nicely

No, but will be upgrading some components / building my own

No, my computer works fine if I change the oil often enough

Bah humbug, I'll wait for the January sales to decide

View other polls

©Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Search for a job:

Recruitment Agency A-Z Directory: All
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Malware tricksters launch Flash attacks

Share this:

Business Intelligence Software

Customer Relationship Management (CRM)

Enterprise Accounting Software

Enterprise Resource Planning (ERP)

Enterprise Systems Management

CRM Database Manager

CRM Database Manager. I am ...

Read more

.NET Developer

My client is currently recr...

Read more

Web Master

My client is currently look...

Read more

GRADUATE RECRUITMENT CONSU

Our client operating in mul...

Read more

TRAINEE EDUCATION RECRUITM

My client is a leader in Ed...

Read more