Malware hits Freelancers at Fiverr... Take care!

[carineb]

Extract from a press article:
Recently, security researchers at MalwareHunterTeam have discovered a new piece of malware that has been targeting unsuspected freelancers on Fiverr and Freelancer which means that millions of unsuspected users are currently at risk.

According to analysis shared by MalwareHunterTeam on their Twitter account, attackers are sending malicious attachments “My details.doc,” to freelancers disguising as clients claiming to offer a new job and to view the job requirements, a freelancer is required to click on the malicious documents.

For more information, please read those articles:

HackRead – 24 Sep 18

Malware hits Freelancers at Fiverr and Freelancer.com

Follow us on Twitter @HackRead

ZDNet

Freelance workers targeted in new malware campaign | ZDNet

Updated: Malicious macros are being spread in a campaign targeting job seekers on freelance and casual work platforms.

Latest Hacking News – 23 Sep 18

Freelancers Being Targeted With Malware Disguised as Job Offers - Latest Hacking...

635       635SharesUpdate – Abby from Fiverr has made the following statement to LHN “Operating across 190 countries and with millions of

[abdullah_shah]

the attached files may be Malicious 😁

[uk1000]

Fiverr should at least scan attachments for viruses/malware.

[steve_maxell]

I got hit by this last week. I had posted an article on the day I got it. It’s funny because normally I get an email when CS had closed a complaint. Never got one for this. Must have taken it seriously.

[misscrystal]

I don’t do anything that requires my getting a .doc file and yet sometimes get them where someone insists I read one. Usually it’s a .docx.

The last time the person was very insistent that I read it, and finally said JUST OPEN IT!

[cyaxrex]

And if you are a Fiverr user, you have to read Hacked to get the heads up? What about sellers who would usually enable macros to edit documents for clients? Fiverr could at least send out their own warning email.

[adrover]

If someone sends me a document with a very general message, it’s a huge red flag. I always ask them to send me the details in Fiverr’s chat. They never do.

[misscrystal]

If someone sends me a document with a very general message, it’s a huge red flag. I always ask them to send me the details in Fiverr’s chat. They never do.

I always ask them to send me the details in Fiverr’s chat. They never do.

I do that too, and you’re right, they go away when you say that. It’s just that file they want you to open so badly.

I’ve gotten the exact message that article mentioned at least twice lately.

[ydrawing]

Well, there are few things in case paranoia hits you.

• After download the attachment scan it with VirusTotal, also an Antivirus is mandatory & BitDefender is the best in this branch.

• You can upload the document (pdf & doc) on Google Docs and that way you won’t open it on your local machine.

• Use Sandboxie or a virtual machine (Linux)

• Make sure your Firewall is always up

• Don’t enable macros on MS Office. It happen to me twice, behind was a little script that wanted to download some exe file. Fortunately, my BitDefender Firewall did a great job by blocking the connection.

• And lastly, if you realize you got hacked or open a virus, immediately disconnect form your internet and reinstall your OS.

[shantho5]

Thank you for aware us about this malware. It will be very helpful for all sellers on this marketplace.

[Guest creatorscafe]

I think Fiverr should take care of this , they should implement built in virus and malware scan in their system to automatically scan the file uploaded by the user for potential threats ,and if any threat found by the system in the file it should automatically disable / stop file upload .

[emeraldawnn]

I’ve got an antivirus program that will check on my downloaded documents before allowing me to open it. It actually gives me the message that this file is safe to open. I absolutely love my iObit antivirus+ program.

[Guest sujon_kumar_dey]

the attached files may be Malicious 😁

Thanks for your information, But any freelancer already suffer for this? any information?

[fogi]

While I love to tell what is wrong with fiverr, this time I have to say, they do a fairly good job on fake accounts spreading malware or have any other type of harmful contact with buyers. They get disabled pretty fast.

Also, some commons sense is needed from sellers. If someone writes you a short message, and attaches a file, just push back, no real client looks like that.

[naikoosuhaib]

This has been happening last time I got a files but soon that person’s account was banned. I am really afraid now like people keep sending drive links they are know but when you have work with documents it becomes hard to trust on things.

[skyline85]

i am also scared of opening buers attachments

[skyline85]

This has been happening last time I got a files but soon that person’s account was banned. I am really afraid now like people keep sending drive links they are know but when you have work with documents it becomes hard to trust on things.

true brother …

[frank_d]

For people like me who deal with docx files regularly (scripts, briefs, etc) you can still remain safe if you:

A) never open the file via your browser’s download tab.
B) only open files via “protected mode” while using MS Office.

Scanning all files with an antivirus program is of course mandatory.

And take some time to evaluate who contacts you and how they are communicating with you.

There are plenty of red flags when someone is trying to attack you, and they usually stop trying when you ask them politely to send a brief synopsis via the chat tool.

[misscrystal]

Well, there are few things in case paranoia hits you.

• After download the attachment scan it with VirusTotal, also an Antivirus is mandatory & BitDefender is the best in this branch.

• You can upload the document (pdf & doc) on Google Docs and that way you won’t open it on your local machine.

• Use Sandboxie or a virtual machine (Linux)

• Make sure your Firewall is always up

• Don’t enable macros on MS Office. It happen to me twice, behind was a little script that wanted to download some exe file. Fortunately, my BitDefender Firewall did a great job by blocking the connection.

• And lastly, if you realize you got hacked or open a virus, immediately disconnect form your internet and reinstall your OS.

if you realize you got hacked or open a virus, immediately disconnect form your internet and reinstall your OS.

I’ve had viruses and never had to do that. I assume everyone has a antivirus program so it will catch it and quarentine it.

The most annoying things I’ve had and what is not uncommon is browser hijack ransomware.

It had a big message to call an 800 number and pay about $50.

I spent 3 days one time trying to get rid of that on a computer. I rolled back the entire OS to when it was new to get rid of it.

After SONY PICTURES had all their computers hijacked in this way by the hacking specialists working for a certain government they actually had to pay the hackers a lot of money to get use of their computers again.

[lucypinky]

Valquiriaagot put an unsafe link in the buyers request. I’m here from 1 month and it happens already two times. The fist one one calling morning and I don’t remember the end send me a message with an unsafe link telling me he wanted the page translated. Bye.

[abid_rh]

Well, there are few things in case paranoia hits you.

• After download the attachment scan it with VirusTotal, also an Antivirus is mandatory & BitDefender is the best in this branch.

• You can upload the document (pdf & doc) on Google Docs and that way you won’t open it on your local machine.

• Use Sandboxie or a virtual machine (Linux)

• Make sure your Firewall is always up

• Don’t enable macros on MS Office. It happen to me twice, behind was a little script that wanted to download some exe file. Fortunately, my BitDefender Firewall did a great job by blocking the connection.

• And lastly, if you realize you got hacked or open a virus, immediately disconnect form your internet and reinstall your OS.

Thanks for such useful advice.

[naikoosuhaib]

Fiverr should at least scan attachments for viruses/malware.

Fiverr should at least scan attachments for viruses/malware.

They do it I guess because many messages when received go to spam or show a message that it might be harmful and the account doesn’t also withstand for long but some become victims up to Fiverr bans such account.

[arfanmiah]

so thats why i had problem downloading a notepad file from a clients message.

[nikavoice]

For people like me who deal with docx files regularly (scripts, briefs, etc) you can still remain safe if you:

A) never open the file via your browser’s download tab.

B) only open files via “protected mode” while using MS Office.

Scanning all files with an antivirus program is of course mandatory.

And take some time to evaluate who contacts you and how they are communicating with you.

There are plenty of red flags when someone is trying to attack you, and they usually stop trying when you ask them politely to send a brief synopsis via the chat tool.

For people like me who deal with docx files regularly (scripts, briefs, etc) you can still remain safe if you:

Yup! I do everything you’ve mentioned. 🙂

There are plenty of red flags when someone is trying to attack you, and they usually stop trying when you ask them politely to send a brief synopsis via the chat tool.

I get these slicksters once in a blue moon, I just roll my pretty eyes. :roll_eyes:

Teamviewer is another old dirty trick that people should avoid at all cost.

[psychicbunny]

I never open people’s attachments lol. Whenever they send me even photos of themselves I’m just like “Nope. Not touching it.”