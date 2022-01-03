A security researcher demonstrated how a common practice among software developers can be used to carry out cyber attacks without the victim noticing. In a proof of concept, he showcased the way in which malicious pages can take advantage of the common habit of copying code or ready-made solutions from online repositories to deliver something quite different and far more dangerous.

While malicious code placed among legitimate solutions can be easily seen by someone with knowledge, the same cannot be said of the clipboard, whose manipulation can be invisible. That’s what expert Gabriel Friedlander, from the Wizer education and training platform, demonstrated when he created a fraudulent page that displays one code but delivers another when the excerpt is copied.

In the case shown on your blog, it is a command aimed at Linux servers that, if copied to a console, would be executed directly to download a malicious solution from a server controlled by criminals. The developer wouldn’t see the trick until it was too late, in an exploration that, luckily, is still just a concept but can have real applications.

Want to catch up on the best tech news of the day? Access and subscribe to our new youtube channel, Kenyannews News. Every day a summary of the main news from the tech world for you!

The secret is in JavaScript, in an event listening system that can be executed when the user performs a certain task, which in this case is copying the code. This is where data sent to the clipboard becomes different from what is being displayed on the screen, opening the door to exploits that can make applications and systems vulnerable.

Therefore, Friedlander’s recommendation is that developers never copy and paste code directly into terminals, especially when working on critical applications. The exploitation, simple, has an even simpler mitigation, just a little care and the use of notepad to stop the attack from happening. Furthermore, using trusted repositories in good moderation also helps to avoid abuses of this kind.