TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies
Aug 29, 2025
Malware / Windows Security
Cybersecurity researchers have discovered a cybercrime campaign that's using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef . "The objective is to lure victims into downloading and installing a trojanized PDF editor, which includes an information-stealing malware dubbed TamperedChef," Truesec researchers Mattias Wåhlén, Nicklas Keijser, and Oscar Lejerbäck Wolf said in a report published Wednesday. "The malware is designed to harvest sensitive data, including credentials and web cookies." At the heart of the campaign is the use of several bogus sites to promote an installer for a free PDF editor called AppSuite PDF Editor that, once installed and launched, displays to the user a prompt to agree to the software's terms of service and privacy policy. In the background, however, the setup program makes covert requests to an external server to drop the PDF editor program, while also setting...
