If it's Free, YOU are the Product
This is a commonly used phrase, usually when describing free products on the internet (often social media sites).
When my wife asked me to convert a PDF to a DOCX file, I thought I'd test this proverb in a slightly different way. I googled "convert PDF DOC", and tried the first group of "free" online converters.
Of the ones that are actually free, I took the resultant DOC file and pulled it apart, first just by unzipping it, then in much more detail using some of the tools on Lenny Zeltser's cheat sheet page on analyzing malicious documents: https://zeltser.com/analyzing-malicious-documents/. At this point I think you know where I'm going.
Yes, 3 of the first 5 on the list converted to doc files that contained <gasp> malware - Angler variants all of them. So an "older" kit, but an exploit all the same.
So I guess it's true, you are the product!
Oh, and my wife's request? I just opened the PDF in Word 2013 and did a "save as". Some of the graphics were lost, but everything she needed came through just fine!
===============
Rob VandenBrink
Compugen
Comments
(but even there you're now running danger of trojaned fake download sites -.- )
Anonymous
Sep 13th 2016
8 years ago
Anonymous
Sep 13th 2016
8 years ago
Anonymous
Sep 13th 2016
8 years ago
Anonymous
Sep 13th 2016
8 years ago
Anonymous
Sep 14th 2016
8 years ago