just a psa to everyone NEVER paste anything into the run window unless you absolutely fucking know what you're pasting in

you can use win + v (or paste into notepad) to check whatevers been put into your clipboard

March 10, 2026 - 20:53 UTC

10
4
311
Oh I would make sure to clip them some *filthy* furry porn if I ever saw this in the wild.
0
0
1
yeah even if it was a trusted site I wouldn't risk it.
0
0
0
domino meme:
-> the absolute failure of every world government to regulate bots on the internet
-> every website has a captcha to keep out bots
-> arms race
-> captchas get really complicated
-> users are now trained to execute arbitrary instructions because a website said so
0
0
17
People of the modern internet don't quite know why ad blockers became so important, it was and is because of stuff like this, in the old days a flash ad or some other script could run a hack and get access to your pc, This is that but with extra steps.
0
0
5
breaks me haert that less savvy peeps absolutely fall prey to this stuff regularly, else they wouldn't still exist x_x
1
0
13
I'm not sure if it makes me feel better or worse that the people who get got by stuff like this are the same folks who would have been got by Kirby/Electrolux sales and illegitimate sweesptakes/off-books lotteries in the past.

Like, they probably would have been scammed 50 years ago as well.
0
0
0
If you still have the string or site where it came from, mind DMing it to me? I'd love to reverse engineer what it's trying to do
1
0
3
i clicked off the site and deleted the text from my clipboard 😔
1
0
2
i actually had the clipboard history disabled in fear of telemetry, especially with windows 11 being the way it is

i might enable it *just* for this time though
0
0
1
So now a site can add a command to the clipboard?
1
0
0
Now? Pretty sure I remember being able to fuck with the contents of the clipboard all the way back in in the early 00's.
0
0
0
Sometimes it does "work," so it seems like you did verify you were "not a robot," but aside from that, it's basically an attempt to make you run code on your computer that takes it over.
I don't remember the *exact* term for this kind of attack, but I think it falls under the Trojan classification?
1
0
3
Its called "Click-Fix Phishing". We see this attack daily at work by customers who fall prey to it.
Even though they said they clicked off it, never, ever, copy paste this stuff. Windows + V is clipboard history and can keep that in there, and you might accidentally paste it elsewhere.
1
0
5
Laughs in being on Linux so these steps wouldn't work.
(Checking what's on Meta+R: It brings up a screen recorder.)
1
0
0
They could easily detect OS from the user agent and give you a string to paste into your terminal instead.
No point in laughing when the only thing holding them back is because they haven't deemed linux to be a large enough userbase to bother yet.
0
0
1