A vulnerability in the Google Chrome browser, as well as Chromium-based browsers, could allow malicious web pages to automatically overwrite the clipboard content without any user interaction and consent simply visiting them.
The developer explained that in Chrome the requirement for a user gesture to copy (selecting a piece of text and pressing Control+C or selecting “Copy” from the context menu) the content to the clipboard is currently broken.
This means that clicking on a link or pressing the arrow key to scroll down the page gives the website permission to overwrite your system clipboard. This issue affects every web browser, including Safari (desktop and mobile) and Firefox.
The capability to overwrite the content of a clipboard allows attackers to potentially conduct multiple malicious activities. An attacker could exploit the issue to replace the wallet address while the victim is performing a transaction. In order to exploit the flaw, threat actors could trick victims into visiting a specially crafted webpage.