Security News > 2022 > January > Don't copy-paste commands from webpages — you can get hacked
Programmers, sysadmins, security researchers, and tech hobbyists copying-pasting commands from web pages into a console or terminal are warned they risk having their system compromised.
It isn't unusual for novice and skilled developers alike to copy commonly used commands from a webpage and paste them into their applications, a Windows command prompt or a Linux terminal.
Friedlander warns a webpage could be covertly replacing the contents of what goes on your clipboard, and what actually ends up being copied to your clipboard would be vastly different from what you had intended to copy.
As soon as you copy the "Sudo apt update" text contained in an HTML element, the code snippet, shown below runs.
"This is why you should NEVER copy paste commands directly into your terminal," warns Friedlander.
"You think you are copying one thing, but it's replaced with something else, like malicious code. All it takes is a single line of code injected into the code you copied to create a backdoor to your app."