{"id":347,"date":"2008-08-21T08:57:24","date_gmt":"2008-08-21T07:57:24","guid":{"rendered":"http:\/\/blog.intego.com\/?p=347"},"modified":"2008-08-21T08:57:24","modified_gmt":"2008-08-21T07:57:24","slug":"flash-clipboard-hijacking-attack","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/","title":{"rendered":"Flash Clipboard Hijacking Attack"},"content":{"rendered":"<p>It is being reported, such as <a href=\"http:\/\/blogs.zdnet.com\/security\/?p=1733\">here at ZDNet<\/a>, that a Flash clipboard hijacking attack is making the rounds. Malicious ads are injecting text into the clipboard, via Flash, causing users to scratch their heads in wonder as the same URLs appear each time they try to copy and paste text. No matter what is copied, the same URL gets pasted, as the Flash attack rewrites the clipboard constantly. These URLs are to sites that, in turn, attempt to install malicious software, mostly that affects Windows computers.<\/p>\n<p>Reports show that the attack comes from Flash-based advertising on a number of legitimate sites, such as Newsweek, Digg and MSNBC.com. There is no visible sign of the attack until a user attempts to paste text.<\/p>\n<p>There&#8217;s an easy way to get rid of this attack, though: just close the browser window or tab that contains the malicious Flash ad, or, if you can&#8217;t figure out which window is guilty, quit the browser. Then, copy something to the clipboard to replace what had been injected there by the malicious ad. <\/p>\n<p>If you want to see this in action, security researcher Aviv Raff has set up a web page showing how it works: <a href=\"http:\/\/raffon.net\/research\/flash\/cb\/test.html\">click this link<\/a>. Try and paste some text after visiting that link; you&#8217;ll see that your clipboard contains the text &#8220;http:\/\/www.evil.com&#8221;. Next, close the tab, copy some text to the clipboard, then paste; you&#8217;ll see the URL is gone.<\/p>\n<p>This attack seems to affect all browsers on all platforms, as long as Flash is installed. We have not heard anything from Adobe about a fix, but it is likely that they will issue one soon.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It is being reported, such as here at ZDNet, that a Flash clipboard hijacking attack is making the rounds. Malicious ads are injecting text into the clipboard, via Flash, causing users to scratch their heads in wonder as the same URLs appear each time they try to copy and paste text. No matter what is [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"It is being reported, such as here at ZDNet, that a Flash clipboard hijacking attack is making the rounds. Malicious ads are injecting text into the\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Flash Clipboard Hijacking Attack - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"It is being reported, such as here at ZDNet, that a Flash clipboard hijacking attack is making the rounds. Malicious ads are injecting text into the\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2008-08-21T07:57:24+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/\",\"name\":\"Flash Clipboard Hijacking Attack - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"datePublished\":\"2008-08-21T07:57:24+00:00\",\"dateModified\":\"2008-08-21T07:57:24+00:00\",\"description\":\"It is being reported, such as here at ZDNet, that a Flash clipboard hijacking attack is making the rounds. Malicious ads are injecting text into the\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Flash Clipboard Hijacking Attack\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"Flash Clipboard Hijacking Attack\",\"datePublished\":\"2008-08-21T07:57:24+00:00\",\"dateModified\":\"2008-08-21T07:57:24+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#webpage\"},\"wordCount\":282,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"It is being reported, such as here at ZDNet, that a Flash clipboard hijacking attack is making the rounds. Malicious ads are injecting text into the","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/","og_locale":"en_US","og_type":"article","og_title":"Flash Clipboard Hijacking Attack - The Mac Security Blog","og_description":"It is being reported, such as here at ZDNet, that a Flash clipboard hijacking attack is making the rounds. Malicious ads are injecting text into the","og_url":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/","og_site_name":"The Mac Security Blog","article_published_time":"2008-08-21T07:57:24+00:00","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/","name":"Flash Clipboard Hijacking Attack - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"datePublished":"2008-08-21T07:57:24+00:00","dateModified":"2008-08-21T07:57:24+00:00","description":"It is being reported, such as here at ZDNet, that a Flash clipboard hijacking attack is making the rounds. Malicious ads are injecting text into the","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Flash Clipboard Hijacking Attack"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"Flash Clipboard Hijacking Attack","datePublished":"2008-08-21T07:57:24+00:00","dateModified":"2008-08-21T07:57:24+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/flash-clipboard-hijacking-attack\/#webpage"},"wordCount":282,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-5B","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/347"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=347"}],"version-history":[{"count":0,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/347\/revisions"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=347"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=347"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=347"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}