Hackers Using Clipboard to Sell Fake Antivirus Products

According to several online security experts, malicious attacks on clipboard inserted a hard to delete link that takes users to a fake security products selling Website. The link is embedded by a malicious code that is discovered in flash-based adverts. Flash-based adverts are usually found on many authentic Websites.

Moreover, users of Firefox browsers on Windows and Mac have been hit by this attack.

Chris Boyd, Security Analyst at Facetime Security, a malware research company, said that this attack is also spread through spam e-mail that contains links to malicious sites, as reported by SiliconRepublic on August 18, 2008.

The attack came into light when victims' reports about the weblink in discussion forums in place of content they posted on the clipboard. The attack works by exploiting files of Adobe Flash. These files are used to display advertisements in such a way as they endlessly flush clipboard with malicious links in place of content.

Furthermore, removing a link from clipboard is a troublesome exercise as it remains there even after copying a new batch of text. The link could only be removed by rebooting the system.

Also, security experts revealed that the malicious link leads users to a page where advertisements of fake antivirus security software are displayed. These security programs misguide users saying that their machines are riddled with malevolent software.

Furthermore, people behind the attack intend to propagate the link which claims that users systems are petri dishes infected by malware. The malware can be removed from the system through antivirus program. By attaching the link permanently to the clipboard, hackers are hoping that users will include it in e-mails, browser's address bar and blog post.

According to the Chief Research Officer at F-Secure, Mikko Hypponen, the attack is very interesting but doesn't seem to have spread widely at the moment. This kind of attack has been seen first time ever, as reported by BBC News on August 18, 2008.

Apart from this, Chris Boyd was following the link for several days. He stated that while tracing the attack, he came across several spam e-mails that included links to Websites hosting booby-trapped advertisements, reported BBC News.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 28-08-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial