If it's Free, YOU are the Product

Published: 2016-09-13. Last Updated: 2016-09-13 00:28:10 UTC
by Rob VandenBrink (Version: 1)
5 comment(s)

This is a commonly used phrase, usually when describing free products on the internet (often social media sites).

When my wife asked me to convert a PDF to a DOCX file, I thought I'd test this proverb in a slightly different way.  I googled "convert PDF DOC", and tried the first group of "free" online converters.

Of the ones that are actually free, I took the resultant DOC file and pulled it apart, first just by unzipping it, then in much more detail using some of the tools on Lenny Zeltser's cheat sheet page on analyzing malicious documents: https://zeltser.com/analyzing-malicious-documents/.  At this point I think you know where I'm going.

Yes, 3 of the first 5 on the list converted to doc files that contained <gasp> malware - Angler variants all of them.  So an "older" kit, but an exploit all the same. 

So I guess it's true, you are the product! 

Oh, and my wife's request?  I just opened the PDF in Word 2013 and did a "save as".  Some of the graphics were lost, but everything she needed came through just fine!

===============
Rob VandenBrink
Compugen

Keywords: document conversion malware
5 comment(s)

Comments

OpenOffice Writer does im- and export of PDFs rather nicely.
(but even there you're now running danger of trojaned fake download sites -.- )

Anonymous

Sep 13th 2016
8 years ago

Should it be "If it is free, you are the victim" ?

Anonymous

Sep 13th 2016
8 years ago

Maybe the search algorithm needs a security element. What you are saying is that I can download free tools to investigate malicious behaviour of free tools. It comes down to a trust issue.

Anonymous

Sep 13th 2016
8 years ago

doc2pdf or pdf2doc is some of the most common malware I see, and has been so for quite a while. I tell my users over and over again about converting docs in Office, but there are always some...

Anonymous

Sep 13th 2016
8 years ago

This is very, very helpful. Has anyone done any additional research on other "free" sites? Working in IT today the pressure is always why is IT so expensive. I can do X for free on this or that website. This seems to be something ISC can track and help us train users in understanding that "free" means you are the product. This will be a cultural change that needs some good data. Free is pretty attractive.

Anonymous

Sep 14th 2016
8 years ago

Login here to join the discussion.


Top of page
Diary Archives