April 16, 2025 By Tushar Subhra Dutta
Cybercriminals have launched a sophisticated malware campaign leveraging fake PDF-to-DOCX converter websites that mimic the popular legitimate service PDFCandy.
The malicious websites, including domains such as candyxpdf[.]com and candyconverterpdf[.]com, deploy an elaborate social engineering tactic designed to harvest sensitive information from unsuspecting users seeking to convert document formats.
When users attempt to convert documents on these fraudulent platforms, they’re presented with a seemingly legitimate interface complete with animated loading sequences and familiar conversion options.
