And if it was just like, `curl`-ing the url I was visiting with a numeric code or something, I'd be like, okay, I get it.
But it wants me to run THIS? Like how the hell can I trust that? 🤣
(If someone wants to tell me that this is indeed a hack and the site has been compromised, I'd feel better!)
@ipsquiggle That is very abnormal and confusing! I wonder if the command you shared is designed to fuck with the inbuilt Copilot and become a nasty info stealing worm. Edit: It seems to be capable of infecting browsers too, as the code seems malicious. It's almost like an add-on that would seem legit but isn't.
Yikes, that is a captcha I am prepared to fail!!
@ipsquiggle DO NOT DO THIS!!! I believe it's called a "#ClickFix" scam - never, ever, EVER do anything involving Terminal / Powershell unless you know exactly what you are doing.
@jwcph Exactly!
So I'm wondering, is this actually a compromised site, or is captcha now trying to acclimatize people to bypassing their computer's security?
@ipsquiggle As far as I know it's compromised. Our IT department sent out an alert about it a few months ago but I don't remember the details - though I did remember the scam well enough to recognize it, so... 😁
This was just from a search: https://www.kaspersky.com/blog/what-is-clickfix/53348/
@ipsquiggle I think this is doing the equivalent of piping curl to bash, but with the URL obfuscated