Cybersecurity agency warns of Malware disguised as PDF editor

ISLAMABAD: With the internet becoming an essential part of everyday life, users continue to face increasing cyber threats. In its latest advisory, the National Computer Emergency Response Team (NCERT) has warned of a dangerous malware campaign rapidly spreading online, disguised as a fake PDF editor application.

According to NCERT, the Malware not only infiltrates users’ systems but also steals sensitive personal data. The agency revealed that the malicious campaign, identified as “TamperChef,” has been active since August 21, and is spreading through fraudulent emails, fake software bundles, and misleading advertisements.

A high-level meeting of NCERT officials resulted in the issuance of a formal security advisory, which has been circulated to both government and private institutions. The malware is believed to exploit a JavaScript-based remote update mechanism, allowing hackers to steal users’ information and, in some cases, install ransomware or spyware.

AMD signs AI chip-supply deal with OpenAI, 10% stake an option

Once executed, the fake installer grants hackers access to a user’s system files, login credentials, browser cookies, and other sensitive data. It can also allow attackers to connect to command and control (C2) servers, potentially compromising entire networks.

NCERT Advisory: Recommended Precautionary Measures

To protect against the TamperChef malware, NCERT advises the following steps:

Block affected IPs and URLs at the firewall and intrusion detection systems (IDS)

Restrict execution of programs from temporary folders using AppLocker or Group Policies

Install updates for all operating systems and libraries immediately

Implement Multi-Factor Authentication (MFA)

Conduct regular phishing awareness campaigns

Ensure antivirus and endpoint security software are updated

NCERT has urged both institutions and individuals to remain vigilant and take immediate action to secure their digital environments.