It has been possible for a long time for developers toto the clipboard without a user noticing and thus fool them into executing unwanted terminal commands.
This type of attack is known as clipboard hijacking, and in most scenarios, it is useless, except when the user pastes what they copied into their terminal.
Called, his proof-of-concept attack works the same way older CSS-based exploits do, but with a twist.
“What’s different about this is the text can be copied after an event, it can be copied on a short timer following an event, and it’s easier to copy in hex characters into the clipboard, which can be used to exploit VIM,” Ayrey explained.
Ayrey even includes a demo where the attacker runs their malicious code, clears the console, and then appends the code the user copied, making them believe nothing happened.
The attack can be deadly if combined with tech support pages or phishing emails. Users might think they’re copying innocent text into their console, but in fact, they’re running the crook’s exploit for them.
Because a terminal executes a pasted command automatically when the pasted text contains a newline, the user doesn’t even have to press Enter to run the malicious code; pasting with CTRL+V is enough.
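A defensive check for the behaviour described above, as an added example that is not from the article or from Ayrey's demo: it inspects text before it is pasted into a terminal and flags embedded newlines, ESC and other control characters. The function names and the sample strings are constructed for illustration.

```python
import re

# Control characters that matter when text is pasted into a terminal or editor.
# Tab (0x09) is excluded because it is common in legitimate snippets.
CONTROL_RE = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")

# Constructed samples: what the user believes was copied, and two altered clipboards.
SAMPLE_CLEAN = 'echo "not evil"'
SAMPLE_HIJACKED = 'echo "placeholder"\nclear\necho "not evil"\n'
SAMPLE_ESC = "harmless text\x1b"


def inspect_paste(text):
    """Return a list of findings for text about to be pasted into a terminal."""
    findings = []
    stripped = text.rstrip("\r\n")
    if stripped != text:
        findings.append("trailing newline: the last command runs without Enter")
    if "\n" in stripped or "\r" in stripped:
        count = len(re.split(r"\r\n|\r|\n", stripped))
        findings.append(f"{count} lines: earlier lines run as soon as they are pasted")
    if "\x1b" in text:
        findings.append("ESC character: can leave insert mode in vim "
                        "or start a terminal escape sequence")
    # Anything else in the control range, reported by byte value.
    others = sorted({f"0x{ord(c):02x}" for c in CONTROL_RE.findall(text)}
                    - {"0x0a", "0x0d", "0x1b"})
    if others:
        findings.append("other control characters: " + ", ".join(others))
    return findings


def visible(text):
    """Render control characters as \\xNN escapes so the real content can be reviewed."""
    return CONTROL_RE.sub(lambda m: f"\\x{ord(m.group()):02x}", text)


if __name__ == "__main__":
    for sample in (SAMPLE_CLEAN, SAMPLE_HIJACKED, SAMPLE_ESC):
        print(visible(sample))
        for finding in inspect_paste(sample) or ["no findings"]:
            print("  -", finding)
```

Pasting into a plain-text editor first, or enabling bracketed paste in the shell, gives the same chance to review the text before anything runs.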