FBI Denver Special Agent in Charge Mark Michalek emphasized the growing prevalence of this threat: “The best way to thwart these fraudsters is to educate people so they don’t fall victim to these fraudsters in the first place,” noting that the scheme has become “rampant” across the country. Security researchers have identified several malicious domains involved in these operations, including “imageconvertors[.]com” (phishing), “convertitoremp3[.]it” (riskware), and “convertscloud[.]com” (phishing). Threat actors are now deploying malicious software disguised as free online file converter tools to distribute ransomware and other malware. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Assistant Special Agent Marvin Massey confirmed that incidents have been reported within the Denver metro area as recently as two weeks ago, indicating the active nature of this threat campaign. As this scheme continues to evolve globally, maintaining vigilance around free online tools remains essential for protecting personal and organizational digital assets. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. This attack ultimately delivers RedLine Stealer malware, which can extract sensitive information from web browsers, cryptocurrency wallets, and applications like FileZilla, Discord, Steam, and Telegram. While the tools successfully perform the advertised conversions, they simultaneously install hidden malware that grants cybercriminals unauthorized access to victims’ systems. If infected, victims should immediately contact their financial institutions, change all passwords using an uninfected device, and consider professional malware removal services.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 25 Mar 2025 10:10:07 +0000