FBI issues warning — hackers are using fake PDF converters to spread malware and steal your passwords


Be vigilant if you’re using an online PDF converter – the FBI recently issued a warning that threat actors have specifically been using online file conversion services to spread infostealing malware.

As reported by the Indian Express, security firm CloudSEK has discovered an attack that mimics pdfcandy.com in order to trick users into downloading the ArechClient malware, which belongs to the SectopRAT family of infostealers.

The ArechClient malware has been active for several years and is used to steal critical personal data and information like usernames, browser passwords and crypto wallet information.

The report suggests that this latest phishing site, and others like it, received more than 6,000 visits last month. This indicates that threat actors are already actively using this malware to steal data.

Many people search online for a PDF converter, and this site takes advantage of that: it replicates the legitimate service's visual elements, including the logo, and echoes its domain name by using candyxpdf[.]com and candycoverterpdf[.]com in order to gain legitimacy.

The fake site allows users to upload a PDF file to convert it into a Word document, a process that requires CAPTCHA verification to complete. Upon completion of the CAPTCHA, users are prompted to run a PowerShell command, which begins downloading the malware onto their computers under the file name ‘adobe.zip.’

How to stay safe

Because this malware relies on users visiting lookalike websites instead of the actual company's site that they intend to visit, the first step is to be extremely cautious and vigilant about which websites you visit to download software.

Make sure you're downloading software from legitimate sources, and double and triple check the URLs you're visiting and the developer pages.
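For readers who manage a proxy or DNS blocklist, the URL check can be automated. The script below is an added example, not code from the FBI, CloudSEK or Tom's Guide; it classifies a hostname against the real pdfcandy.com domain, and the brand keywords, the similarity threshold and the extra sample hostnames are assumptions chosen for illustration.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# The real service named in the article; extend for other brands you rely on.
LEGIT_DOMAINS = ("pdfcandy.com",)
# Assumed brand keywords: a host that uses all of them but is not the real
# domain is treated as an imitation.
BRAND_TOKENS = ("pdf", "candy")
TYPO_THRESHOLD = 0.85  # assumed similarity cut-off for one-character typos


def host_of(value):
    """Return the lowercase hostname of a URL or bare (possibly defanged) host."""
    value = value.strip().replace("[.]", ".")
    if "://" not in value:
        value = "//" + value  # lets urlsplit parse a bare hostname
    return (urlsplit(value).hostname or "").rstrip(".")


def classify(value):
    """Classify the input as 'legitimate', 'lookalike' or 'unrelated'."""
    host = host_of(value)
    for legit in LEGIT_DOMAINS:
        if host == legit or host.endswith("." + legit):
            return "legitimate"
    # Brand words rearranged or padded, or the real name used as a subdomain.
    if all(token in host for token in BRAND_TOKENS):
        return "lookalike"
    # Near-miss spelling of the brand label in any part of the hostname.
    for legit in LEGIT_DOMAINS:
        brand = legit.split(".")[0]
        for label in host.split("."):
            if SequenceMatcher(None, label, brand).ratio() >= TYPO_THRESHOLD:
                return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # The two defanged domains come from the article; the rest are constructed.
    samples = ["https://pdfcandy.com/", "candyxpdf[.]com",
               "candycoverterpdf[.]com", "pdfcandy.com.example.net",
               "pdfcandv.com", "example.org"]
    for sample in samples:
        print(f"{sample:28} {classify(sample)}")
```

A "lookalike" result means the hostname deserves a manual look before anyone uses it; an unrelated site that happens to contain both keywords would be flagged too.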

It's also good to make sure you have one of the best antivirus programs set up, and updated, before you begin downloading files on the internet – many of them include features that can help protect you from malware as well as additional features like a VPN or hardened browser that can help protect you online.

Keep in mind, there are offline tools that will convert these files as well.


Amber Bouman
Senior Editor Security

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps. 
