Google Chrome Security Issue Allows the Automatic Overwrite of Clipboard Content
'Clipboard Poisoning Attacks' Exposed
A significant security issue in the Google Chrome web browser and its Chromium-based alternatives has been discovered. This flaw enables malicious web pages to automatically overwrite clipboard content without any user consent or interaction, simply by visiting them.
The vulnerability, known as "clipboard poisoning attack," was accidentally introduced in Chrome version 104, according to developer Jeff Johnson. Although the problem also exists in Apple Safari and Mozilla Firefox, it is particularly severe in Chrome due to a broken requirement for user gestures to copy content to the clipboard.
User gestures, such as selecting a piece of text and pressing Control+C (or ⌘-C for macOS), or choosing "Copy" from the context menu, normally grant permission for content to be copied to the clipboard. However, due to the Chrome issue, innocent gestures like clicking on a link or scrolling down a page automatically give websites permission to overwrite the system clipboard.
This ability to substitute clipboard data comes with significant security implications. In a hypothetical attack scenario, an attacker could lure a victim to visit a rogue landing page and change the address of a previously copied cryptocurrency wallet to one under their control, facilitating unauthorized fund transfers.
Furthermore, threat actors could modify the clipboard to contain links to specially crafted websites, leading unsuspecting victims to download dangerous software.
Google is already aware of the issue and is expected to release a patch soon to address this serious flaw and prevent potential abuse by malicious actors. In the meantime, users are advised to avoid opening web pages between any cut/copy and paste actions and to verify the contents of their clipboard before performing sensitive operations online, such as financial transactions.
This discovery coincides with the release of a new version of Chrome (105.0.5195.52/53/54) for Windows, macOS, and Linux, which includes fixes for 24 vulnerabilities, 10 of which are related to use-after-free bugs in Network Service, WebSQL, WebSQL, PhoneHub, and other components.
As always, staying vigilant and keeping software updated is crucial to maintaining online security. Follow us on Twitter and LinkedIn for more exclusive content and the latest cybersecurity news.