I just saw this and felt I should share it. I’m sure most people here wouldn’t fall for it but it can’t hurt to make sure 👍
Edit: I just wanted to add, I have no idea what this tried to copy. I’m using Firefox on Linux which is perhaps why it didn’t make it to my clipboard 🤷
My brother ran into this while car shopping on a reputable Utah-based Toyota dealership’s website. It was a PowerShell script that downloaded and executed something from a Base64-encoded Bitly URL. Bitly took down the URL so we couldn’t see where it was redirecting.
It seems like attackers are embedding this in vulnerable legit websites.
Yeah, some WordPress themes have vulnerable bits that allow attackers to inject cross-site scripting attacks into the page via various methods. Some have pivoted to using WordPress plugins, which is a newer method I don’t entirely understand yet.
Thanks, that’s very interesting to know. I assumed it was just a malicious site before.