Enhancing OS clipboard security
Captchas provide a means to limit automated access to web services. Users have become accustomed to solving captchas to access common web resources. Malicious actors are exploiting users with fake captcha prompts to trick them into pasting malicious content from the clipboard, even when the user never copied the content themselves. There are multiple approaches to mitigate clipboard-based attacks, such as disabling clipboard history and cross-device synchronization. These measures can reduce the risk of accidentally pasting harmful data.
Note that disabling web browser clipboard features may impact legitimate sites (e.g., Google Docs or other cloud editors).
Browser Settings
- Firefox: In about:config, set dom.event.clipboardevents.enabled to false.
- Chrome / Edge: Go to chrome://settings/content/clipboard (or equivalent in Edge).
- Safari: Go to Settings → Websites → Clipboard.
Cross-Device Risks
These attacks become more dangerous when clipboard synchronization is enabled across devices, such as Apple’s Universal Clipboard or Microsoft Cloud Clipboard.
Windows: Disable Clipboard History & Cross-Device Sync
The following policy keys are the most effective way to disable these features:
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\AllowClipboardHistory → Set to 0
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\AllowCrossDeviceClipboard → Set to 0
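One way to audit and enforce both values in a single pass, as an added example that is not part of the original page. The function names are hypothetical, and writing to HKLM assumes an elevated session.

```powershell
# Added example: audit and enforce the two clipboard policy values named above.
# Function names are hypothetical; writing to HKLM requires an elevated session.
$PolicyPath  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System'
$PolicyNames = 'AllowClipboardHistory', 'AllowCrossDeviceClipboard'

function Get-ClipboardPolicyState {
    foreach ($name in $PolicyNames) {
        # A missing key or value means the policy is not configured, so the
        # feature stays under user control; report that instead of throwing.
        $item  = Get-ItemProperty -Path $PolicyPath -Name $name -ErrorAction SilentlyContinue
        $value = if ($null -ne $item) { $item.$name } else { $null }
        [pscustomobject]@{
            Name     = $name
            Value    = $value
            Hardened = ($null -ne $value -and $value -eq 0)
        }
    }
}

function Set-ClipboardPolicyHardened {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    # Create the policy key only when it is absent, so existing values are kept.
    if (-not (Test-Path -Path $PolicyPath)) {
        if ($PSCmdlet.ShouldProcess($PolicyPath, 'Create policy key')) {
            New-Item -Path $PolicyPath -Force | Out-Null
        }
    }
    # Write DWORD 0 only for values that are missing or not already 0.
    foreach ($state in @(Get-ClipboardPolicyState | Where-Object { -not $_.Hardened })) {
        if ($PSCmdlet.ShouldProcess("$PolicyPath\$($state.Name)", 'Set DWORD to 0')) {
            New-ItemProperty -Path $PolicyPath -Name $state.Name `
                -PropertyType DWord -Value 0 -Force | Out-Null
        }
    }
}

Get-ClipboardPolicyState | Format-Table -AutoSize   # show the current state
Set-ClipboardPolicyHardened -WhatIf                 # preview the changes only
```

Drop `-WhatIf` to apply the changes, then run `Get-ClipboardPolicyState` again to confirm both rows report `Hardened` as `True`.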
You can check them with PowerShell:
Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "AllowClipboardHistory"
Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "AllowCrossDeviceClipboard"
macOS: Disable Universal Clipboard & Clipboard History
To disable Universal Clipboard on macOS, users can turn off the Handoff feature, which is responsible for clipboard synchronization across Apple devices. This can be done by disabling Handoff in System Preferences under the General settings. This prevents the clipboard from being shared between devices, reducing the risk of spreading malicious content.
macOS clipboard history can be disabled in System Settings. In the sidebar, click Spotlight. Turn off the toggle for “Results from Clipboard”.