Aug 17, 2008

Mac Users Get Clipboard-Jacked At Digg, Facebook

Macs dont actually get attacked by malicious code, right? No, they do, even if its a comparatively rare thing.

Consider this support thread on apple.com in which a Mac user using Firefox complains about how his clipboard gets hijacked. Once he visits a certain site, a top-level link off of digg.com, his clipboard gets stuffed with a malicious link (to Windows malware) and nothing else can change the clipboard contents.

Oh yes, that's right, Firefox also gets attacked now and then, despite conventional wisdom to the contrary.

Other readers piped up to relate similar circumstances on other sites, including Facebook and lime.com. In fact, this attack was first reported about a week ago on the Spyware Sucks blog. Of course it is meant to target Windows systems and works well on them too.

If you think you are experiencing this attack take note of what sites you have open. One reader reported that the attack was only active while the page was open. So you should eventually be able to end it by closing browser windows one at a time.

There is a security setting for Internet Explorer to block/allow programmatic access to the clipboard, and the default is to prompt the user. You can test this harmlessly at tinyurl.com.

clipboard.jpg

Back on the Spyware Sucks blog entry comments indicate that the prompt setting isn't working; users are getting attacked in spite of this setting. We can't confirm this.

(full story)

No comments: