The FBI warns that cybercriminals are using fake online document converters to distribute malware, steal sensitive data, and even launch ransomware attacks.
Hackers create fraudulent websites offering free file conversion and download services, such as converting DOC files to PDFs or merging JPG images. While these tools function as expected, the downloaded files may contain hidden malware, allowing attackers remote access to victims' devices.
Beyond malware infections, uploaded files may also be scraped for sensitive data, including names, banking details, passwords, and cryptocurrency wallet information. The FBI notes that scammers mimic legitimate URLs by slightly altering them, making them harder to detect.
Cybersecurity researchers have identified malicious file converter sites distributing Windows malware such as Gootloader, which can download trojans, info-stealers, and ransomware. These attacks have been linked to major ransomware operations like REvil and BlackSuit.
Some malicious sites filter visitors by region and previous visits, ensuring that only targeted users receive infected JavaScript files instead of legitimate documents.
While not all online converters are dangerous, the FBI urges users to thoroughly research services, avoid obscure websites, and verify downloaded files—especially if they are executables or JavaScript files, as they are likely malicious.
Logging you in...
Loading IntenseDebate Comments...