Ensuring your mobile and computer are safe from hacking is crucial to protecting the data and maintaining privacy. Using browsers and accessing free tools may bring unnecessary malware into your devices. As the technology is advancing, the hackers are also employing the same technology to attack the devices. Due to this, there’s an FBI warning against the use of browsers like Chrome, Safari, and Edge. The attacks are mainly from AI use, phishing toll scammers, and Chinese hackers aiming towards U.S. networks.
These attacks are simple yet sophisticated! It can be as straightforward as visiting free online document converter tools. Many users search for free file converters and transfer tools. The tools are free; however, they do not guarantee your device’s safety. Oftentimes, hackers use these tools to load malware into the computers and ask for ransomware.
According to a threat hunter, Will Thomas, some of the risky websites include:
- Imageconvertors[.]com (phishing)
- convertitoremp3[.]it (Riskware)
- convertallfiles[.]com (Adware)
- freejpgtopdfconverter[.]com (Riskware)
- convertscloud[.]com (Phishing)
- primeconvertapp[.]com (Riskware)
- 9convert[.]com (Riskware)
- convertisseurs-pdf[.]com (Riskware)
Some IOCs potentially related to this type of campaign related to these domains:
1. https://t.co/7KLbNXXg8Nhttps://t.co/hcVdTX9BYF
2. https://t.co/ZWx4U40Z05https://t.co/baWboyub3q
— Will (@BushidoToken) March 14, 2025
Scammers are able to target more than one device in one go. They copy the popular URLs and change one component. The change is so small that it is hard to identify. For instance, they may convert .com to .co.
Some of the attacks are so grave that they impact the public and private sectors. It can affect their productivity and cause heavy losses. Both small and large-scale companies are getting the brunt of it.
Apart from the FBI, the Cofense Cyber team’s statement says several documents and websites account for 8.8% of credential phishing campaigns. Hackers have mastered these types of methods to extract data.
you use file converters, the one containing malware can ask for unnecessary device permissions. These permissions grant data abuse, transmitting it back to the users. Whether you operate these converters using apps, QR codes, and downloading apk files, your device runs a risk of malware attack.
As per Info-Tech Research Group’s Fred Chagnon, “Firstly, and most prominently, you can’t trust the integrity of the file you’re getting back. Even the malicious services out there will perform the actual conversion for the user.” He clarifies how the resulting documents may contain embedded JavaScript code that remains hidden in the file and later releases a malicious program.
As per the FBI, the only way to avoid scammers is to be aware when using internet tools and AI in general. With the vast number of websites and content, it is hard to specify malware. Although the FBI is working towards catching the scammers, the users will have to be cautious on their own.
View on Threads
The officials suggest checking URLs before clicking on them, only using established apps, not clicking on unknown links, and avoiding using free file converters. Make sure you always click on trusted domains with secure email gateways such as Dropbox, Canva, Zoho, and Adobe. Another effective solution will be to employ emails and website firewalls. Moreover, AI will also come in handy to monitor threats on cloud servers and storage systems.
