this post was submitted on 14 Sep 2024
1615 points (99.1% liked)

Technology

58108 readers
4829 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
L4s@lemmy.world
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
1615
Be careful. (feddit.org)
submitted 4 days ago by 101@feddit.org to c/technology@lemmy.world
177 comments fedilink hide all child comments
 

Source.

top 50 comments
sorted by: hot top controversial new old
[–] Kethal@lemmy.world 197 points 4 days ago* (last edited 4 days ago) (13 children)

It seemed odd to me that a Web site could write to or read from the clipboard without the user approving it. That would be a pretty obvious security and privacy issue. From what I gather, on Chrome sites can write to the clipboard without approval, but they need approval to read. ~~On Firefox and others any access requires permission. Thus this exploit seems limited to Chrome users.~~

@SkaveRat pointed out that it doesn't require permission, only interaction. So likely there's a button that's clicked that writes to the clipboard, and most browsers are susceptible to this.

[–] kent_eh@lemmy.ca 2 points 3 days ago* (last edited 2 days ago)

It seemed odd to me that a Web site could write to or read from the clipboard without the user approving it

Yeah, that's a security hole that I hadn't been aware of.

load more comments (12 replies)
[–] LillyPip@lemmy.ca 64 points 3 days ago

Kinda brilliant to disguise malware as a captcha, though. I won’t be surprised.

[–] ClassifiedPancake@discuss.tchncs.de 48 points 3 days ago

That’s so sassy I kinda respect it.

Too bad for those who fall for it.

[–] JohnyRocket@discuss.tchncs.de 36 points 3 days ago (1 children)

/s no I wouldn't actually implement it

[–] SpaceCowboy@lemmy.ca 9 points 3 days ago (1 children)

Yeah, right? Captchas have trained users to do whatever weird thing a webpage tells them to do, so now people will do this without thinking about it.

[–] JohnyRocket@discuss.tchncs.de 3 points 3 days ago

Yeah I sent the screenshot to my parents right away, I think they would know better but better be safe than sorry.

[–] daniskarma@lemmy.dbzer0.com 9 points 3 days ago (2 children)

Ok, that is kind of clever.

Though I suppose even the dumbest user will chicken out once the terminal pops out.

load more comments (2 replies)
[–] Binette@lemmy.ml 42 points 4 days ago (1 children)

That is extremely hilarious

[–] dan@upvote.au 83 points 4 days ago

Except for the fact that a lot of less tech savvy people will fall for it.

[–] ColdWater@lemmy.ca 22 points 3 days ago (6 children)

I tried it and it's not working for me, my terminal is super+T and paste is Ctrl+Shift+V

load more comments (6 replies)
[–] x00za@lemmy.dbzer0.com 36 points 4 days ago (4 children)

Anybody got more info on the actual payload?

powershell.exe -eC [payload_w_base64] is mentioned here.

-eC just means encoded command afaik.

load more comments (4 replies)
[–] pewgar_seemsimandroid@lemmy.blahaj.zone 20 points 3 days ago* (last edited 3 days ago)

ah, think this is like one of those survey scams.

[–] BearOfaTime@lemm.ee 24 points 4 days ago (8 children)

Wouldn't it require elevation?

Yet another example of why running as root/admin is a Bad Idea©

[–] groet@feddit.org 73 points 4 days ago (3 children)

No, why would it? It will run code in the context of the current user which is absolutely enough to start a new process that will run in the background, download more code from a attacker server and allow remote access. The attacker will only have as much permissions as the user executing the code but that is enough to steal their files, run a keyloggers, steal their sessions for other websites etc.

They can try to escalate to the admin user, but when targeting private victims, all the data that is worth stealing is available to the user and does not require admin privs.

load more comments (3 replies)
load more comments (7 replies)
[–] ininewcrow@lemmy.ca 10 points 4 days ago (2 children)

General rule of thumb for me to interact with a website and read or watch whatever I want .... if you require me to do more than two things to show me the content I came to see, I'm closing the tab or windows and moving on.

If it's really important and security related, I'll take my time and carefully examine everything I do.

Otherwise I'm not clicking more than twice and definitely not using my keyboard to see your dumb website or TikTok video.

load more comments (2 replies)
load more comments
view more: next ›