Malicious Flash ads attack, spread via clipboard

Flash ads on legitimate sites are pasting malicious links into peoples' clipboards and spreading as people unwittingly paste them into e-mails, blogs, and IMs.

A new type of Internet-based attack is spreading in which Flash-based ads seize control of a Web surfer's clipboard and paste in a link to a malicious site in the hopes that it will be spread from there into e-mails, blogs, and instant messages.

The ads have been spotted on MSNBC.com, Newsweek.com, and Digg.com, and victims have reported on numerous forums and blogs that they appear to be fake alerts that a virus has been detected on the computer and offer to clean it up, according to antivirus vendor Sophos.

The malicious link, which includes "xp-vista-update" in the URL, is copied into the clipboard and can not be over-written by copying new text to the clipboard. Users must reboot the computer to remove the link, The Register reports.

The malware appears to affect Mac, Windows, and Linux machines and Firefox, Internet Explorer, and Safari browsers, according to ZD Net's Zero Day blog.

Chris Thornton, who created the "ClipMate" clipboard extender for Windows, gave an interesting description of the situation on his Clipboard Extender Dot Com blog:

"Someone wrote a little piece of Adobe Flash code to copy text to the clipboard. Then they put it in a loop, to do it once a second. Then they put it in an innocent-looking flash-based banner ad, with their harmful URL as the payload. Then they signed up for some advertising networks, and submitted their bad ad, presumably paying considerable $$$ to get it featured on sites that you and I visit regularly, such as MSNBC and Digg. And when someone has this ad loaded, they can copy all they want, but everything they paste will be just that URL. So if you are writing an e-mail to Aunt Millie, telling her to look at your eBay auction located at (paste), or to download Picasa to organize her photos - download here (paste), she's going to get the virus when she visits the bad site."
Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Metal Gear Solid V gets a perfect 10

Jeff Bakalar talks with GameSpot's Peter Brown about his perfect 10 review score of Metal Gear Solid V: The Phantom Pain.

by Jeff Bakalar