The attack is pretty simple. Attackers send an encrypted PDF and then, when you respond, they send you a malware-loaded “encryption tool”. That “encryption tool” will even display a fake PDF document to really sell the ruse. However, it’s really backdooring a piece of malware called Spica into your device. Spica steals browser cookies in order to get your information.
How to protect yourself:
- Don’t download bootleg software: It’s not worth the risk to download bootleg software. It exposes your device to potential security threats, such as viruses and spyware. If someone emails you a link for a download, make sure it’s from a reputable source and scan it. Downloading software from reputable app stores is definitely the way to go.
- Don’t click on suspicious links or files: If you encounter a link that looks suspicious, misspelled, or unfamiliar, avoid clicking on it. Instead, consider going directly to the company’s website by manually typing in the web address or searching for it in a trusted search engine. If you see the word “Sponsored” above the search result, take a moment before clicking it and consider clicking on the result below it.
- Update your software regularly: Regularly updating your software is crucial for security because it ensures that you receive the latest patches, bug fixes, and security enhancements. These updates help protect you from vulnerabilities and potential threats that could be exploited.
- Have good antivirus software: The best way to protect yourself from clicking malicious links that install malware is to have antivirus protection installed. This can also alert you of any phishing emails or ransomware scams.
If it has already happened, and you’ve been hacked, then you should take immediate action to minimize the damage and secure your devices.
Here are some steps that you can follow:
- Change your passwords: ON ANOTHER DEVICE (i.e., your laptop or desktop), you should change your passwords for all your important accounts, such as email, banking, social media, etc. You want to do this on another device so the hacker isn’t potentially recording you setting up your new password on your infected device.
- Enable two-factor authentication: You’ll want to activate two-factor authentication for an extra layer of security.
- Monitor your accounts and transactions: You should check your online accounts and transactions regularly for any suspicious or unauthorized activity. If you notice anything unusual, report it to the service provider or the authorities as soon as possible.
- Contact your bank and credit card companies: If hackers have obtained your bank or credit card information, they could use it to make purchases or withdrawals without your consent. You should contact your bank and credit card companies and inform them of the situation.
- Alert your contacts: If hackers have accessed your email or social media accounts, they could use them to send spam or phishing messages to your contacts. They could also impersonate you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to any messages from you that seem suspicious or unusual.
- Contact PTS (shameless link)
Hackers will always look for ways to get into your computer. It’s your job to make sure you stay on top of your security and browse the web safely. That includes being cautious of what you’re downloading. Even if you receive a file from a trusted contact, you should do your due diligence.
For even more details and the evolution of this threat, here is a good article from PC Mag.
If you business needs help with Cybersecurity or many other business related IT needs, contact PTS today!
