CAPEC-637 Detail

Collect Data from Clipboard

Detailed | Software | Likelihood: Low | Typical Severity: Low

Parents: 150

Description

The adversary exploits an application that allows for the copying of sensitive data or information by collecting information copied to the clipboard. Data copied to the clipboard can be accessed by other applications, such as malware built to exfiltrate or log clipboard contents on a periodic basis. In this way, the adversary aims to garner information to which they are unauthorized.


External ID | Source | Link | Description
CAPEC-637 | capec | https://capec.mitre.org/data/definitions/637.html |
CWE-267 | cwe | http://cwe.mitre.org/data/definitions/267.html |
T1115 | ATTACK | https://attack.mitre.org/wiki/Technique/T1115 | Clipboard Data

Explore
  1. Find an application that allows copying sensitive data to clipboard: An adversary first needs to find an application that allows copying and pasting of sensitive information. This could be an application that prints out temporary passwords to the screen, private email addresses, or any other sensitive information or data.

Experiment
  1. Target users of the application: An adversary will target users of the application in order to obtain the information in their clipboard on a periodic basis.

     Techniques
       - Install malware on a user's system designed to log clipboard contents periodically
       - Get the user to click on a malicious link that will bring them to an application to log the contents of the clipboard

Exploit
  1. Follow-up attack: Use any sensitive information found to carry out a follow-up attack.

  1. The adversary must have a means (i.e., a pre-installed tool or background process) by which to collect data from the clipboard and store it. That is, when the target copies data to the clipboard (e.g., to paste into another application), the adversary needs some means of capturing that data in a third location.


High
To deploy a hidden process or malware on the system to automatically collect clipboard data.
Confidentiality
Read Data
