Be careful, FoxIt PDF Reader flaw being exploited by Hackers targeting cryptos

[Yaunfitda]

I'm pretty sure that majority of us have used PDF before and have used either Adobe Acrobat PDF reader, or the alternative FoxIt PDF reader. The later then was recently used by cyber criminals to deliver their malware and somewhat as a crypto enthusiast we are one of the targets as it has crypto miner and crypto wallets.

First you might received this kind of email and if you click on the attached link, you might see the below:



And once you click "OK", a second pop up will appear



And if you are unsuspecting about everything and then click, "Open". It will then download and executed the malware's payload.

These are all the system information that this hackers are going to get from you,



And as recommended:

Until the software update is applied, Foxit users are advised to remain vigilant about potential exploitation and adhere to classic defense practices. To mitigate the risks of being affected by such threats, it is essential to:

- Keep operating systems and applications updated through timely patches and other means.
- Be cautious of unexpected emails with links, especially from unknown senders.
- Enhance cybersecurity awareness among employees.
- Consult security specialists for any doubts or uncertainties.

This is just a heads-up, we are really exposed to this cyber threat now as we approach the bull run and so everyone should be very careful.

https://research.checkpoint.com/2024/foxit-pdf-flawed-design-exploitation/

[Faisal2202]

Thanks for sharing it with us although I don't use this PDF reader but from now on I will be vigilant while using mine. This is the first time hearing about this PDF reader, as the best way is to use MS Office from an official site, as if you download pirated then that would be like giving your computer access to hackers. Is there any case of funds being stolen recorded or it's just they were able to show the user a phishing link?

Last time it was Winrar which was exploited by the hackers and now this PDF reader, I wonder what would be next time, I always afraid of using pirated software, until I step into crypto world, but before I only used them with no fear. But I think its a good thing I stopped using them as other than crytpo involvement, they stole other useful things too. For now the users of this pdf reader must delete the software and use something else.

[Orpichukwu]

The more the list of infected software is being compiled on a regular basis, the more scary things are becoming to me. Who knows what common apps one might have on their PC and even mobile gadgets that are also programmed to target crypto wallets? 
 
Before, it was on some uncommon apps, which we don't need on a regular basis. Later,  some antivirus's self are malware careers, clipboard viruses, and the rest of them. The safest is to use separate devices for different purposes. If you must download some app or document on your PC or gadget, it should be on a separate one from which you use your crypto storage.

[Luzin]

I just heard this. A few months ago there was indeed phishing via whatsapp sending pdf files. This pdf contains wedding invitations that are actually in the form of applications. The file is renamed only. In my local media many have become victims and lost money in the bank.

Ask a friend for permission to share in my local forum. Thanks a lot.

[cryptomaniac_xxx]

The scary part is that it can be tailored to anyone, to any countries and obviously they targeted the second best apps to open a PDF so that we won't suspect anything. So this is a very clever moved by the hackers or criminals as we won't suspect anything.

And when you click and open it, might be the end of not just our crypto, but everything, including our bank accounts, personal data, images, text message.

So thanks to the OP, maybe today we will not get this kind of message, but in the future who knows, our email address might be leaked and we could be in the email blast from this criminals.

[albon]

Thank you for warning the community and Foxit Reader users about this highly dangerous exploit. The danger lies in downloading malicious PDF files, which you usually find in emails, on Facebook, or some free book sites on Google. After opening the malicious PDF file in Foxit, it executes malicious harmful code if the victim ignores the warning messages, presses OK, and opens the file. Unfortunately, this exploit will enable the hacker to steal many essential and sensitive data, including passwords and cookies from browsers, and cryptocurrency wallets. Therefore, it is recommended that we use Adobe Acrobat Reader for now until the Foxit team fixes this exploit in version 2024.3.

This reminds us all of the necessity not to use our primary devices, which contain any important data, for downloading PDFs, cracks, or torrent files, etc., as hackers can exploit one of the programs and carry out their fraudulent activities without our knowledge.

[yazher]

I never thought they could do this kind of stuff no wonder there are lots of victims who are not vigilant enough to check whatever files they are downloading on their computers. That's why when you are a crypto holder, you really need to update yourself when it comes to protecting your crypto and learn the latest method of preventing yourself from getting hacked because scammers and hackers always come up with new ideas and techniques, and sometimes in a way we don't perceive such as this one.

[tech30338]

Thank you for the headsup i have uninstall foxit reader to one of my computers a few months ago, i would also suggest that don't entertain unknown emails, and keep your mouse from clicking this things, we should educate everyone we know even those who are not into crypto, since they will be the target and prone, to this kind of exploite, but i always gives advice to all of my users to never click anything if they are not sure what it is.

[Churchillvv]

This is wild and definitely one of the biggest type of hackers/fraud in the 21st century.

I want a similar scenario in the movie called "BeeKeeper" where a woman who's a custodian to an orphanage funds stored using a crypto hardware or so in her devices was scammed with this kind of malware but in a different format but almost the same thing and she committed suicide which lead to the movie.

Now, I said the above to should what the result of this kind of malware attack for bitcoin enthusiast can be if eventually one falls victim of such but perhaps we are warn ahead of time which is absolutely appropriated.

[EluguHcman]

The practical tools used by this crafty scammers to execute all those illegal and malicious programs on readable files and operating system is just one thing I don't understand the possibility on how they gain accesses.

You can imagine opening a usual file and then at some times some flash messages just like that one OP has updated will pop up and ask you to click or download before proceeding or to view some added features, some will even say your files would be at risk if you don't complete those tasks.

Therein, if you follow the malicious directives, you will be ask to download an app to proceed, sometimes we are unaware about the phishing programs and after downloading it you will be redirected to download another and the more you are taking their directions is gradually they are gaining access to your files or operating privacies.

What baffles me then is that those malicious apps are being licenced on the Google Play Store where most users believes whatever app on the system is legit and approved to be used.

[Jating]

I never thought they could do this kind of stuff no wonder there are lots of victims who are not vigilant enough to check whatever files they are downloading on their computers. That's why when you are a crypto holder, you really need to update yourself when it comes to protecting your crypto and learn the latest method of preventing yourself from getting hacked because scammers and hackers always come up with new ideas and techniques, and sometimes in a way we don't perceive such as this one.

This is a handy work of sophisticated criminals, everything is now possible specially they know that they can trapped their victims and if they successful gain access, they can have our cryptos. And as a crypto enthusiast, I do agree, we should really be updated on what is the latest not just the news about the crypto that we follows, but as well as how to world of criminals are targeting us.

Before, it the malware was very simply, but not it's very different, so we really need to educate ourselves and thanks to some members here who keeps on reminding us and reporting such attacks are possible.

[Marvelockg]

This is just a heads-up, we are really exposed to this cyber threat now as we approach the bull run and so everyone should be very careful.

https://research.checkpoint.com/2024/foxit-pdf-flawed-design-exploitation/

the rate of security bridge that's now going on with the use of our mobile devices is now increasing at an alarming rate. No where is safe anymore and you can't even trust any source of upgrade and update you're now doing on your device. Spamming is increasing at a fast and alarming rate and the only thing we need to do is to stay vigilant and never assume we know it all.

One of the easiest way these guys gets her victims is through setting the process in such a way that it's deficult to skip them most expecially when you have important thing to do at that moment.mosr of us are even too careless with how we navigate through updates. Once you see those pop up messages you you proceeds to clicking yes and yes and yes till the end without knowing that you're exposing yourself to a very serious threat.

Thanks a lot for the heads-up. Hopefully, someone get to save his ass through this information.

[Yucky]

So your PDF readers is now also valnourable to attack? Wow!

Thanks you for telling us this important information about this latest development that's now a serious threat to our security. What I was familiar with as a means through which hackers can easily access my device with is through them sending links to my email in form of spam and then when I click it they get access to some of my private information. I never knew that it has gotten to the level where by granting them access to your PDF they can get your crypto information and still from you in the process.

[Cricktor]

PDF is an overly bloated feature overpacked file format that because of its too many features and active scripting capabilities has been and is still a security nightmare. Doesn't much matter which PDF application is the next to be exploited, you can literally wait for it.

You should never allow foreign PDF files to do any nasty things and your PDF reader of choice should never allow active components to execute without asking. If in doubt, don't allow anything, simple as that.

Learn more about IT security, it pays off now and later.

[Cryptoprincess101]

Very unfortunate this cyber insecurity is becoming a threat because people don't even know apps that have malicious contents and phishing sites anymore because almost every thing in the Internet now have been tampered by these cyber thieves I am even surprised that they can manipulate this Adobe PDF readers because I use it to read PDF files oftenly, now one needs to be very careful and at alert not to fall victim. This is why I normally set antiphising codes in most of the apps I use that supports it.

[AVE5]

So your PDF readers is now also valnourable to attack? Wow!

Thanks you for telling us this important information about this latest development that's now a serious threat to our security. What I was familiar with as a means through which hackers can easily access my device with is through them sending links to my email in form of spam and then when I click it they get access to some of my private information. I never knew that it has gotten to the level where by granting them access to your PDF they can get your crypto information and still from you in the process.

You just made a viral point popularly known to be technique which scammers uses to gain access to victims Privacies but the pdf reader which Op iw talking about is a unique one which most internet account users like you may not know about. So it's an undergoing tricky trend with lot of sensitive malicious programs redirecting users with the operating system command. So abiding to the vindictive instructions is a warrant access of the  striker to to compromise your datas.
So always stay guided and alert that the scammers are always smarter than you'd ever think.