New analysis shows users can be convinced to copy and paste malicious code on behalf of the attacker.
I first saw this kind of attack earlier this month – where the user is asked to launch the Run dialog box and paste in a malicious command.
I never thought I'd see something similar again, but I was wrong.
New analysis of this attack technique now known as “pastejacking” by security vendor Trellix shows that attackers are using variants of this method to get users to assist in the attack. Previously, it was simply pasting a command into the Run dialog box. But in the latest campaign, users are asked to launch Windows PowerShell Terminal and then paste in the contents of the cache.
This idea needs to stop. No user ever will legitimately receive an email from someone they don’t know and need to do the Windows equivalent of cartwheels to get the document sent to open.
And yet, it appears that users are willing to do those proverbial cartwheels – likely because they haven’t been educated through security awareness training that these kinds of emails are a scam and should be avoided at all costs.
The very fact the attacker needs the user to do so much work tells us that the good guys are winning. Putting proper training in place only increases our odds of winning.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.