
Newly identified browser bug allows websites to overwrite clipboard content

What just happened? A browser vulnerability affecting Chrome, Firefox, and Safari was discovered following a recent Chrome software release. Google developers identified the clipboard-based attack, which allows malicious websites to overwrite a user’s clipboard content when the user does nothing more than visit a compromised webpage. The vulnerability affects all Chromium-based browsers as well, but is apparently most prevalent in Chrome, where a user gesture used to copy content is reported as broken.

Google developer Jeff Johnson explained how the vulnerability can be triggered in a number of ways, all of which grant the page permission to overwrite clipboard contents. Once permission is granted, users can be affected by actively triggering a cut or copy action, by simply clicking links in the page, or even by taking actions as simple as scrolling up or down on the page involved.

Johnson elaborated on the bug, pointing out that while Firefox and Safari users need to actively copy content to the clipboard using Control+C or ⌘-C, Chrome users can be affected by simply viewing a malicious page for only a fraction of a second.

Johnson’s post references video examples from Šime, a content creator focusing on content aimed toward web designers. Šime’s demonstrations reveal just how quickly Chrome users can be affected, with the vulnerability set off by simply toggling between active browser tabs. It doesn’t matter how long the user stays or what kind of interaction the user takes: the malicious site instantly replaces any clipboard contents with whatever the threat actor decides to provide.

To be able to write to the clipboard, the website must be in the active tab. Quickly toggling tabs will do. You don’t need to interact with the website or look at it for more than a tenth of a second.

Šime (she-meh) (@simevidas) September 2, 2022

Johnson’s blog provides technical details describing exactly how a page can gain permission to write to the system clipboard. One technique uses the now-deprecated command document.execCommand.

Another method takes advantage of the newer navigator.clipboard.writeText API, which can write any text to the clipboard with no additional action required. Johnson’s blog includes a demonstration of how both approaches to the same vulnerability work.

While the vulnerability might not sound damaging at first glance, users should remain alert to how malicious actors can leverage this content swap to exploit unsuspecting victims. For instance, a fraudulent site can replace a previously copied URL with another fraudulent URL, unknowingly leading the user to additional sites designed to capture information and compromise security.

The vulnerability also gives threat actors the ability to replace copied cryptocurrency wallet addresses saved to the clipboard with the address of another wallet controlled by a malicious third party. Once the transaction has taken place and funds have been sent to the fraudulent wallet, the victimized user typically has little to no ability to trace and reclaim their funds.

According to The Hacker News, Google knows about the vulnerability and is likely to push out a patch soon. Until then, users should exercise caution by avoiding opening pages while relying on clipboard-based copied content, and should verify the output of their copied content before continuing with any activities that could compromise their personal or financial security.
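
As an interim mitigation for the two write paths described above (document.execCommand and navigator.clipboard.writeText), a script can wrap both so that a write succeeds only shortly after a real cut or copy event and every attempt is logged. This is an added example, not code from the article, Johnson's post or any browser; `installClipboardGuard`, `GRACE_MS` and the one-second window are hypothetical choices, and it assumes the script runs in the page before any other script.

```javascript
// Added example, not code from the article or from Johnson's post.
// Assumption: runs in the page before any other script (e.g. as a userscript).
const CLIPBOARD_GESTURES = ["copy", "cut"]; // only explicit clipboard gestures count
const GRACE_MS = 1000;                      // assumed window after a gesture

function installClipboardGuard(win, now = () => Date.now()) {
  const log = [];            // audit trail of every clipboard write attempt
  let lastGesture = -Infinity;
  let inExec = false;        // true while the real execCommand is running

  // Remember when the user really cut or copied. Scripted events have
  // isTrusted === false; events raised during our own execCommand call are
  // skipped so one permitted write cannot keep extending the window.
  for (const type of CLIPBOARD_GESTURES) {
    win.document.addEventListener(type, (e) => {
      if (e.isTrusted && !inExec) lastGesture = now();
    }, true);
  }
  const permitted = () => now() - lastGesture <= GRACE_MS;

  // Path 1: the async Clipboard API (absent outside secure contexts).
  const clip = win.navigator.clipboard;
  if (clip) {
    const realWriteText = clip.writeText.bind(clip);
    clip.writeText = (text) => {
      const ok = permitted();
      log.push({ api: "writeText", text: String(text), ok });
      return ok ? realWriteText(text)
                : Promise.reject(new Error("clipboard write without a copy/cut gesture"));
    };
  }

  // Path 2: the deprecated document.execCommand("copy" | "cut").
  const realExec = win.document.execCommand.bind(win.document);
  win.document.execCommand = (cmd, ...rest) => {
    if (!CLIPBOARD_GESTURES.includes(String(cmd).toLowerCase())) {
      return realExec(cmd, ...rest);      // unrelated commands pass through
    }
    const ok = permitted();
    log.push({ api: "execCommand", text: null, ok });
    if (!ok) return false;                // same value a refused command returns
    inExec = true;
    try { return realExec(cmd, ...rest); } finally { inExec = false; }
  };
  return log;
}
```

The guard also blocks legitimate click-to-copy buttons, and a page that captured the original functions first or reaches them through a fresh iframe bypasses it, so it serves as a monitoring aid rather than a replacement for the browser fix.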
