The FBI has warned that fake online file converters are spreading malware, potentially leading to data theft, financial loss, and ransomware attacks.
Cybercriminals are creating fake file conversion websites which appear to offer free tools for converting documents, images, and other file types. Many people use these types of file converters to convert a PDF to a Word document, extract audio from video files, or change an image file to a more suitable format. However, instead of just providing a conversion service, these malicious websites are also infecting users’ PCs with malware.
This attack is especially dangerous as PC users regularly access file conversion websites, but they don’t realize that these sites could be dangerous. Once a visitor has their converted file, they assume all is well. Unfortunately, behind the scenes, much more is going on.
Converting Your Files into Malware
The fake file converter websites often appear in search engine results or through online ads, making them appear safe and legitimate. Some of the most recent ones to have been identified as being at risk include DocuFix and PDFixers. When a user visits one of these sites, they’re typically instructed to upload the file they want to convert. Once the file is uploaded, the website provides a download link for the “converted” file.
However, this file is not what it seems. Although the downloaded file may be a correctly converted file, it will also have malware hidden in it. As well as containing malware, these fake websites will also analyze files uploaded by users for sensitive data e.g. if someone has uploaded a PDF file containing financial information, the threat actors behind the website will be able to harvest this. In many cases, a correctly converted file isn’t even included in the available download, with malware such as Gootloader and Cobalt Strike being the only files on offer.
The impact of this malware can be catastrophic. Running quietly in the background, it can capture personal data, launch ransomware attacks, or even take control of the PC. Accordingly, all PC users need to tread carefully online.
Staying Safe from the Threat of Fake Converters
File converter websites are incredibly useful, but only when they’re the real deal and do exactly what they claim. However, as most internet users accessing these sites are busy working on something, they don’t always pay attention to the site they’re visiting. And this is where cybercriminals have an opportunity to exploit this trust. Therefore, it’s crucial that you understand these best practices for staying safe:
- Only Use Trusted Sites: Never use a file converter website that you haven’t thoroughly researched. Always conduct a quick Google search for reviews of the website and carefully read the most recent comments. Even if you’re a regular user of a particular converter website, always double check that the URL is correct – many threat actors mimic official websites by changing a letter or two in order to appear genuine.
- Be Cautious When Downloading: Always scan any downloaded files from the internet with your security software. These security tools are regularly updated to identify all new strains of malware and can stop you executing any malicious files. Additionally, if a file converter asks you to install further tools to convert your files, you should immediately stop.
For more ways to secure and optimize your business technology, contact your local IT professionals.
Read More