An internet browser is an example of a network-enabled application that allows users to easily browse and select items being viewed using the browser. The network-enabled application receives one or more communications (such as webpages) from a service provider that is often encoded in the form of a markup language (such as the hypertext markup language HTML), which describes the structure and functionality of the content that is received by the content user.
The communication (such as a received webpage) often solicits sensitive information such as financial information (e.g., credit card numbers) and/or authentication information (username/password combinations) that the user is to provide (in exchange for goods or services, for example). Because of the length of the information and/or the difficulties in remembering or entering the information, users often rely upon a copying of the information via an electronic clipboard (which includes a cut-and-paste buffer) from a document containing the information to an entry field for receiving and transmitting the entered sensitive information to the service provider.
However, malware that is normally hidden in the network-enabled application (and/or computer upon which the network-enabled application is executing) can exploit the sensitive information (which is typically stored as plaintext in the clipboard) by performing a “paste” operation to itself. The malware can then transmit the information via the established network link to third parties ostensibly for the purpose of making (e.g., illegal) use of the exploited information.