this post was submitted on 18 Jun 2024
51 points (100.0% liked)

Cybersecurity

5962 readers
110 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago
MODERATORS
kid
[email protected]
51
Fake Google Chrome errors trick you into running malicious PowerShell scripts (www.bleepingcomputer.com)
submitted 7 months ago by kid to c/cybersecurity
2 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 13 points 7 months ago* (last edited 7 months ago) (1 children)

These errors prompt the visitor to click a button to copy a PowerShell "fix" into the clipboard and then paste and run it in a Run: dialog or PowerShell prompt.

"Although the attack chain requires significant user interaction to be successful, the social engineering is clever enough to present someone with what looks like a real problem and solution simultaneously, which may prompt a user to take action without considering the risk," warns a new report from ProofPoint.

I'm sure this works, else they wouldn't do it, but FFS, somebody would have had to have been living under a rock to not know by now that executing random code is a bad idea.

And yet, people still fall prey to the gift card scams, so what do I know?

[–] [email protected] 5 points 7 months ago

Yeah my first thought on reading that headline was that I’m sure it works on someone but certainly not me