We all know that malicious ads can be hosted by legit sites. Generally being fully patched (including third party apps) is a good protection against most attacks other than social engineering.
Ryan Naraine of The Zero Day Blog over at ZDNet reports that malicious Adobe Flash ads are being used to hijack the clipboard until the browser is closed.
I kind of expected to be protected against this because I set IE to prompt before allowing programmatic access to the clipboard. A proof of concept quickly disproved that theory.
Further searching the feeds I read regularly finds mention of this a week ago in the Spywaresucks blog.
Then this guy says he’s seen it back in July.
The domain injected into the clipboard is for rogue software antivirus 2008 xp. The domain has been used for bad going back to at least April 2008.