“To read the purported PDF document, victims are persuaded to click a URL containing a list of steps to register their Windows system. The registration link urges them to launch PowerShell as an administrator and copy/paste the displayed code snippet into the terminal, and execute it.”

This is not new, nor is it newsworthy.

Wow, what a trick! Much exploit!

“deceived victims into running PowerShell as an administrator and pasting in malicious code”

Once again, people are the weakest link.

Vaguely interesting delivery method. Spearphishing emails with an attached PDF with the instructions and the code to copy paste in it. Claims that it’s the way to “register windows”. Maybe putting it in a PDF bypasses email filtering?