Firefox and Safari users under cyber attack

18 Aug 2008

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Windows and Mac users of the popular Firefox browser as well as users of the Apple Safari browser are being warned about a new cyber attack that targets the clipboard where copied text is stored.

After attacking the user’s clipboard, it then tries to spread poisonous links, which then stay in place even after the user copies new text. The only way to remove the programme is to reboot.

According to posts on discussion boards, the code that inserts the link to a seemingly harmless MSNBC.com address has been found in flash-based adverts on many legitimate websites.

The attack works by exploiting Adobe Flash files used to make display adverts in such a way as to flush the clipboard of text and re-insert malicious text in its place. Those following the link get taken to a page advertising a bogus anti-virus security programme that tells them their machine is riddled with malicious software.

According to security analyst Chris Boyd of malware research firm Facetime Security, the attack has also been propagated via spam email with links to the rogue sites. “After a week or two of seeing CNN spam and then MSNBC, both of which allude to ‘breaking news stories’ in order to get people’s attention, it seems those behind these attacks are now sending out plain emails with none of the allusions to being from major news networks — they simply say ‘Breaking news’ in the title field,” Boyd said.

By John Kennedy

66

DAYS

4

HOURS

26

MINUTES

Buy your tickets now!

Editor John Kennedy is an award-winning technology journalist.

editorial@siliconrepublic.com