You are reading a single comment by @hippy and its replies.
Click here to read the full conversation.
London Fixed Gear and Single-Speed is a community of predominantly fixed gear and single-speed cyclists in and around London, UK.
This site is supported almost exclusively by donations. Please consider donating a small amount regularly.
hippy
That is not a great article... this one is better (shows the sample code): https://thehackernews.com/2022/05/watch-out-researchers-spot-new.html
This works for me: https://0ut3r.space/2022/03/06/windows-defender/
Protects against it perfectly fine... I was alerted by Defender and it was blocked.
I'll concede, most people aren't doing this stuff... but when done Windows is pretty damn secure.
Additionally the attack URL was blocked by Google Safe Browsing, which means that NextDNS was already blocking it... so if you use NextDNS you already had the destination which contained the JavaScript used to elevate the attack blocked.
That URI can be seen on this page: https://www.virustotal.com/gui/file/4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784/behavior (the one called RDF*.html)