I just saw this and felt I should share it. I'm sure most people here wouldn't fall for it but it can't hurt to make sure 👍
Edit: I just wanted to add, I have no idea what this tried to copy. I'm using Firefox on Linux which is perhaps why it didn't make it to my clipboard 🤷
My brother ran into this while car shopping on a reputable Utah based Toyota dealership's website. It was a powershell script that downloaded and executed something from a base64 encoded Bitly URL. Bitly took down the URL so we couldn't see where it was redirecting.
It seems like attackers are embedding this in vulnerable legit websites
Yeah, some wordpress themes have vulnerable bits that allow attackers to inject cross site scripting attacks into the page via various methods. Some have pivoted to using wordpress plugins which is a newer method I don't entirely understand yet.
Thanks, that's very interesting to know. I assumed it was just a malicious site before.