FBI Warning: Hackers Spread Malware, Steal Passwords Using Fake PDF Converters

The FBI has issued a warning that hackers are using fake PDF converters to spread malware and steal passwords.

Online PDF Converters: A Threat to Our Personal Data

A word of caution to all users of online PDF converters. The FBI recently warned that these platforms have become prime targets for cybercriminals distributing infostealing malwares.

ArechClient Malware: A Serious Threat to Your Sensitive Data

Security firm CloudSEK uncovered an attack mimicking pdfcandy.com to lure users into downloading the ArechClient malware. Part of the SectopRAT family, this malicious software is designed to steal critical personal information such as usernames, browser passwords, and crypto wallet details.

The report states that this fake phishing site, along with others similar, garnered over 6,000 visits last month, suggesting that this malware is actively being exploited by malicious actors to steal data.

Visual Identity Theft: A Deceptive Strategy

Cybercriminals have duplicated the visual elements of the original site, including logos and domain names. Users are prompted to download a PDF file to convert it into a Word document, which requires CAPTCHA verification. After CAPTCHA validation, a message asks users to execute a PowerShell command to initiate the malware download, which is then saved on their computers under the filename ‘adobe.zip’.

How to Protect Yourself from Such Threats?

The first line of defense is to exercise extreme caution when visiting websites for software downloads. It is advised to “double or triple check the URLs you visit and the developer pages”.

It’s also wise to ensure that you have one of the top antivirus programs, which is regularly updated, before starting any downloads on the Internet. These programs often include additional features like a VPN or a secure browser that can provide further protection online. Finally, remember that offline tools are available for file conversion.