- Fake PDF converters fool users with cloned sites and fake CAPTCHAs
- PowerShell command installs malware that steals browser and crypto wallet data
- Attackers use realistic design and social engineering to avoid detection
Cybercriminals are using fake PDF converters to install powerful malware on victims' systems, experts have warned.
Research from CloudSEK found that attackers clone popular file conversion sites like pdfcandy.com, replicating its logo and brand elements, to trick users into downloading malicious software.
CloudSEK says these fake sites look almost identical to the real ones. When someone tries to convert a file, the page shows a fake loading screen and then asks for a CAPTCHA verification. Instead of just confirming that the user is human, this step leads to an instruction to run a PowerShell command. Running the command downloads a ZIP file containing malware known as ArechClient2, part of the SectopRAT family of information stealers.
Collecting personal data and worse
The malware uses a number of stealthy methods to infect the system. It spawns normal Windows processes to hide its activity and begins collecting browser passwords, crypto wallet information and other sensitive data. Once the malware is active, it can securely send stolen information back to the attacker, CloudSEK reports.
The FBI has already warned that online file converters are becoming a popular way for criminals to spread their malware. CloudSEK's research shows that attackers are improving their methods, blending realistic site design with social engineering tricks to lower users' defenses.
As online tools become part of everyday work and personal life, it is important to know how to avoid these threats.
How to remain safe
The best way to protect yourself is to avoid clicking random search results for online file converters. Always visit known official sites directly.
In addition, always double-check the site's address for small misspellings that can be easy to miss.
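An added example, not part of the original article or CloudSEK's research: a small Python check that flags hostnames resembling a trusted converter domain, the kind of near-miss spelling the advice above is about. The trusted list, the character-folding table and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the converter sites this user or organisation actually relies on.
# pdfcandy.com is the site the article names as being cloned.
TRUSTED = ("pdfcandy.com",)

# Constructed, non-exhaustive table of look-alike characters folded before comparing.
FOLD = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "-": ""})


def edit_distance(a, b):
    """Levenshtein distance between two strings, one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(url):
    """Lower-cased hostname of a URL or bare host, without a leading 'www.'."""
    parts = urlsplit(url if "://" in url else "//" + url)
    host = (parts.hostname or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def classify(url, max_distance=2):
    """Return (verdict, trusted_domain): 'trusted', 'lookalike' or 'unknown'."""
    host = host_of(url)
    for good in TRUSTED:
        if host == good or host.endswith("." + good):
            return ("trusted", good)
    folded = host.translate(FOLD)
    for good in TRUSTED:
        brand = good.split(".")[0].translate(FOLD)
        # Near-miss spelling of the brand in any label, or the brand embedded in the host.
        near = any(edit_distance(lbl, brand) <= max_distance for lbl in folded.split("."))
        if near or brand in folded:
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample URLs; none are taken from the research.
    for u in ("https://www.pdfcandy.com/", "https://pdfcanddy.example/",
              "http://pdfcandy.com.files.example/", "https://example.org/"):
        print(u, classify(u))
```

An "unknown" verdict only means the name does not resemble anything on the trusted list; it says nothing about whether the site is safe.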
For a good starting point, look up our roundup of the best PDF editors and the best free PDF editors. We also recommend the best Adobe Acrobat alternatives.
Staying careful when uploading documents online can stop many of these attacks before they start.
Keep your antivirus software up to date (you do it anyway, right?) and scan all downloaded files before opening them. Installing browser extensions that block suspicious or dangerous sites can also help.
If a site asks you to run PowerShell commands or download additional files after uploading a document, immediately close the page.
Finally, if you think you have been fooled, disconnect the device from the Internet immediately, change all important passwords from a secure device and tell your bank or service providers as soon as possible.