Attackers are tricking people into cutting and pasting malware, infecting their own machines. These actors are using fake browser updates and software fixes to trick users into copying and pasting PowerShell scripts containing malware strains. The malware uploaded to the victims’ computers includes remote access Trojans (RATs) and infostealers. There are two ongoing campaigns that appear to be using this technique: ClearFake and ClickFix. Users are shown a pop-up suggesting an error occurred while trying to open an application. The pop-up then provides further instructions to copy and paste a script into the PowerShell terminal, infecting the users computer with malware.
Read more: https://www.darkreading.com/remote-workforce/cut-paste-tactics-import-malware