I have been dealing with several malware exploits recently that I must admit I developed a grudging respect for the level of programing sophistication that was used. I just got done dealing with a Facebook distributed malware install that finally required a full system restore. I just found this article today, which describes yet another new attack vector.
Latest Sneaky Web Attack: Hijacking Your Clipboard To Post Spammy Links ((Mis)Uses of Technology)
by Michael Masnick from the now-that’s-creative dept on Monday, August 18th, 2008 @ 5:09PM
Spammers and scammers keep upping the game against security researchers, sometimes in creative ways. And, in fact, it would appear that the latest sneaky trick making the rounds is almost admirable in its sneakiness. For example, take a look at this latest hack, which hijacks your clipboard, and repeatedly places a link to a site for fake security software. The hijack takes place through flash advertisements (even those found on legit sites), which is all the more reason to use AdBlock or FlashBlock or NoScript or something to protect you. However, what it’s banking on, is the fact that plenty of people quickly cut and paste links they want to send around or post in other blogs and forums. When done quickly, many people won’t even notice that they’re not pasting the link they thought they cut from elsewhere — thus getting lots of folks to inadvertently spam links. This must be incredibly annoying for those who get hit with it, but that doesn’t take away from the creativeness of the attack itself. Even security researchers, like Mikko Hypponen, are grudgingly tipping their hats on this hack: "It is a pretty clever technique. Our work would be so much easier if our enemy would be stupid."