Do you often open PDF files without thinking? You may want to reconsider. A new hacker tool called MatrixPDF allows a hacker to generate normal PDF files that can become traps to steal your information or spread malware.
The toolkit allows hackers:
• To take any PDF file and insert fake secure screens into them
• To blur text so you have to click a button to "unlock"
• Insert hidden links or scripts to fake websites
From the victim’s perspective, it appears to be an harmless file, but it’s actually made to trick them.
How many times have you clicked “View Document” in a hurry? Hackers prey on that habit.
• $400/month
• $1,500/yr
Yes, shocking – but to them, that is a business expense. If they make money with one scam, by stealing logins, credit card info, and company info, then they are in the green on it.
• Avoid opening PDFs from users that you do not know.
• If a PDF indicates you need to "unlock" or "open securely", consider that your first warning.
• Companies should invest in more sophisticated email security to identify clever tricks hidden inside PDFs.
• Check the sender before clicking on anything—when in doubt, double-check with the sender of the email.
The good news? Awareness is your greatest defense. If you notice a blurred file or one that instructs "secure viewing" or some other similar instruction, stop and ask yourself: Do I trust this file?
It really only takes a second to think and it may save you a world of problems.
What is MatrixPDF?
MatrixPDF was discovered by security researchers from Varonis while monitoring hacker forums. It is sold as a “phishing test” tool, sanctioned to be used; however, criminals are using it to conduct their nefarious tasks.The toolkit allows hackers:
• To take any PDF file and insert fake secure screens into them
• To blur text so you have to click a button to "unlock"
• Insert hidden links or scripts to fake websites
From the victim’s perspective, it appears to be an harmless file, but it’s actually made to trick them.
What makes it dangerous?
One of the most disturbing parts of MatrixPDF is that the files can bypass Gmail and other email filters. The PDF does not carry a virus inside; it only has links, so scanners see them as safe. That's where the danger eventually starts; once you click that “Open Secure Document” or “Unlock File” button, it is dangerous.How many times have you clicked “View Document” in a hurry? Hackers prey on that habit.
How much does MatrixPDF cost?
This is not a free script; hackers actually pay a premium for MatrixPDF:• $400/month
• $1,500/yr
Yes, shocking – but to them, that is a business expense. If they make money with one scam, by stealing logins, credit card info, and company info, then they are in the green on it.
How can you safeguard yourself?
Below are some straightforward safety recommendations:• Avoid opening PDFs from users that you do not know.
• If a PDF indicates you need to "unlock" or "open securely", consider that your first warning.
• Companies should invest in more sophisticated email security to identify clever tricks hidden inside PDFs.
• Check the sender before clicking on anything—when in doubt, double-check with the sender of the email.
Final thoughts
Hackers utilize PDFs knowing that people trust them. Resumes; invoices; tickets; contracts, etc., we see these items every day. Hence the reason MatrixPDF is such an ingenious yet dangerous tool.The good news? Awareness is your greatest defense. If you notice a blurred file or one that instructs "secure viewing" or some other similar instruction, stop and ask yourself: Do I trust this file?
It really only takes a second to think and it may save you a world of problems.
