|
|
|
|
|
|
by catiopatio
1136 days ago
|
|
|
If I copy and paste the malicious URL into the terminal, or the browser’s location field, there’s no indication that it’s anything but what it appears to be. Of course, there’s nothing unique about `.zip` other than that it’s a common file extension. Any TLD that makes for a convincing file extension could be used this way. |
|
|
Sorta like https://verylegit.link but built into the whole TLD.