That’s how easy you can be hacked by copying and pasting commands from the web


The one who never has copied a command from the web to paste it into your terminal, Cast the first stone. It is not something that only novice Linux users do, but in any system, and it is so common among developers themselves – even the most veteran ones – that Stack Overflow itself turned its keyboard to ‘copy and paste’ into a real gadget with enough demand.

Well, the cybersecurity specialist Gabriel Friedlander, just showed a “simple trick with which you can be hacked for a copy paste accidental“For Gabriel, the demo that he has posted on his website is more than reason enough why we should never copy commands from the web directly into our terminal.

When you think you are copying something but it is replaced by something else

Copy Paste Hack

Friedlander explains that all it takes is a simple line of code injected into the code you are copying to create a back door to your app. In fact, you can do the test directly on his blog by copying a common and common command that many of us have used in Linux: “sudo apt update”.

If you enter the blog in question and copy the code and paste it in the drawer below (or in any other place like your notepad), you can see how what you pasted is completely different from the copied command. In this case it is a malicious command, and the important detail here is that when pasting it a new line is added automatically.

The keyboard to 'copy and paste' code from Stack Overflow, an April Fool turned gadget (and already in pre-sale)

This means that when you have pasted the command it will be too late, since adding a new line causes the terminal to automatically execute the command, so regardless of whether you have noticed that the command you pasted is not the correct one, you will no longer be able to do anything to prevent its execution.

All this “pleasure” is due solely to a simple segment of JavaScript injected into the page that will change the text copied to the clipboard. When copying the command an “event listener” is activated when the user clicks the “copy” button and replaces the initial text with the malicious code.

These types of scripts obviously have legitimate uses, but this is an example of how they can be exploited for evil in a creative way, and perhaps it serves as a warning not to copy commands from any strange place on the Internet.

A recommendation from Gabriel to prevent this is that we can add a “#” after the code before pasting it to make it a comment and that it does not run. A recommendation from Gabriela is to paste the code before anywhere other than the terminal to verify that you are pasting the original content and no one is playing one on you.


Please enter your comment!
Please enter your name here