Anyone who has ever used an online word processing program - such as Microsoft Word or Google Docs - knows that it’s pretty easy to get distracted with choosing a font. Long gone are the days of simple typefaces - there are now countless options to choose from! But did you know that choosing your fonts isn’t just about aesthetics?
ReasonLabs’ Revenge of the Unitrix report brings to the fore the latest research on how text tricks can make us run malicious code on our devices. So - what do you as a consumer need to know? Can fonts have viruses? Can font files contain malware and other cybersecurity risks?
Downloading free cyber fonts: Is it safe to download free fonts?
First of all, creativity is always to be applauded - but experimenting with new fonts that offer ‘free’ downloads could be a recipe for disaster. If you’ve tried to download free cyber fonts at home before (has anyone else ever attempted to get hold of Disney’s instantly recognizable font?) you’ll appreciate that many fonts are in fact licensed and the ‘free’ version is basically another way to get you to install malware on your device.
Can font files have viruses?
In terms of cybersecurity, fonts are another vehicle through which a cyber criminal can act. Suspicious or hacked fonts can be used as a vector for a spoofing attack. Although the text may look regular to you, the humble user, your computer will be able to read suspicious encrypted code - and then act accordingly.
One main clue to watch out for is if a familiar website suddenly becomes unreadable, and a browser alert asks you to download a font to fix it. This is almost certainly a trap, whereby a site has been hacked, and what you are seeing is actually a fake browser alert.
Some examples of font exploits in recent years include the One Font campaign, which targeted Microsoft 365 users; ZeroFont, which manipulated font sizes in order to enact phishing campaigns; and “hidden text”, placed between letters in order to weaken the recognition performance of anti-spam software.
Encrypted fonts: Attack of the invisible letters
If we delve deeper into the language and text used on our devices, we start to discover that the issues go beyond the display fonts - to the actual letters themselves.
In the Revenge of the Unitrix report, our researchers have laid out for you a much more detailed and technical look at how different texts have been sabotaged, and what this may mean for the individual and their device. Homographic exploits, such as the Unitrix exploit, are used in order to infiltrate your device with viruses and malware such as infostealers, Trojans, and cryptominers. By misusing a specific invisible Unicode Standard character, malicious attackers can trick a user into opening malicious files.
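The article does not name the invisible character; the one usually associated with this filename trick is the right-to-left override, U+202E. The check below is an added example, not code from the report or from ReasonLabs: it flags every invisible Unicode format character in a filename and shows the extension as it is really stored. The sample names are constructed for illustration.

```python
import unicodedata
from pathlib import PurePath

# Bidi classes of the explicit direction controls (embeddings, overrides, isolates).
BIDI_OVERRIDES = {"LRE", "RLE", "LRO", "RLO", "PDF", "LRI", "RLI", "FSI", "PDI"}


def find_format_chars(name):
    """List every invisible format character (Unicode category Cf) in a name."""
    hits = []
    for index, ch in enumerate(name):
        if unicodedata.category(ch) == "Cf":
            hits.append({
                "index": index,
                "codepoint": f"U+{ord(ch):04X}",
                "name": unicodedata.name(ch, "UNNAMED"),
                "reorders_text": unicodedata.bidirectional(ch) in BIDI_OVERRIDES,
            })
    return hits


def inspect_filename(name):
    """Report hidden characters and the extension as stored, not as displayed."""
    hits = find_format_chars(name)
    suffix = PurePath(name).suffix.lower()
    return {
        "suspicious": bool(hits),
        "reorders_text": any(h["reorders_text"] for h in hits),
        # Escaped so that a hidden character inside the extension stays visible.
        "real_extension": suffix.encode("unicode_escape").decode("ascii"),
        "escaped": name.encode("unicode_escape").decode("ascii"),
        "hits": hits,
    }


# Constructed sample names, not taken from the report.
SAMPLES = ["Roboto-Regular.ttf", "invoice\u202efdp.exe", "font\u200bpack.ttf"]

if __name__ == "__main__":
    for sample in SAMPLES:
        result = inspect_filename(sample)
        print(result["escaped"], result["suspicious"], result["real_extension"])
```

A name that reports `reorders_text` is the case to treat as hostile: what is shown on screen and what the operating system opens are different things.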
Fonts and cybersecurity: Font dangers to avoid
Using a maliciously encrypted font can have serious security implications for your computer and personal data. While fonts are not typically associated with malicious activities, cybercriminals can exploit vulnerabilities in software applications and operating systems to deliver malware through seemingly harmless font files. Using an encrypted malicious font can negatively affect your device in a number of ways:
- Exploiting software vulnerabilities: Encrypted malicious fonts can be designed to exploit vulnerabilities in font rendering engines of operating systems and software applications. When the font is opened or rendered by a vulnerable program, it can trigger the execution of malicious code.
- Installation of malware: If a software vulnerability is successfully exploited, the malicious font can install malware on your system. This could include viruses, Trojans, ransomware, spyware, or other forms of malicious software.
- Remote code execution: Cybercriminals can design malicious fonts to execute arbitrary code on your system. This means that an attacker could potentially gain control over your computer, allowing them to steal your personal data, monitor your activities, or use your computer as part of a botnet for further attacks.
- Keylogging and data theft: Some malicious fonts may be used to capture your keystrokes, including sensitive information such as passwords, credit card numbers, or other confidential data - an attack known as ‘keylogging’. This information can then be transmitted to the attacker's server.
- System compromise: Encrypted malicious fonts can compromise your system's integrity and stability. They can lead to crashes, slow performance, and other disruptions that negatively impact your computer's functionality.
- Data manipulation: An attacker might use malicious fonts to manipulate the display of text on your computer, altering the content of web pages, documents, or other files.
Can TTF files contain viruses?
A TTF file, also known as a TrueType Font file, is a type of font file format commonly used in digital typography. It contains information about the shapes, sizes, and other characteristics of typefaces (fonts) that are used to display text on a computer or other digital devices. TTF files are widely used for displaying fonts on various operating systems and software applications.
TTF files themselves are not inherently harmful and are not executable files, which means they cannot run code or perform actions on their own. They are used to define the visual appearance of text and are primarily used by the operating system or applications to render text in a specific font style.
Although TTF files are not viruses, as with any file type they can still be exploited for malicious purposes in order to deliver malware, such as viruses or other forms of malicious software. If you download a TTF file from an untrustworthy or malicious website, it's possible that the file could contain malware or be a part of a phishing attempt - scammers can carry out file spoofing by disguising malicious files as TTF files, using deceptive filenames or icons to make them appear harmless.
However, it’s reassuring to note that the risk associated with TTF files is generally low compared to executable files like .exe or .bat files. Modern operating systems and security software usually have mechanisms in place to detect and mitigate potential threats from various types of files, including TTF files.
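One way to catch the file spoofing described above is to check what a downloaded "font" really contains before installing it. The following is an added example, not code from ReasonLabs: it tests for the TrueType/OpenType signature, rejects executable headers, and confirms that the table directory stays inside the file. The required-table subset and the sample bytes are choices made for this example; the sample has the right structure but is not a renderable font.

```python
import struct

# sfnt signatures for the two formats the article names (TTF and OTF).
SFNT_SIGNATURES = {
    b"\x00\x01\x00\x00": "TrueType",
    b"true": "TrueType (Apple)",
    b"OTTO": "OpenType/CFF",
}
# Headers of file types that should never arrive with a font extension.
EXECUTABLE_MAGIC = {b"MZ": "Windows executable", b"\x7fELF": "ELF executable"}
REQUIRED_TABLES = {b"head", b"cmap", b"maxp"}  # heuristic subset for this example


def classify_font_bytes(data):
    """Return (verdict, detail) for bytes that claim to be a .ttf/.otf file."""
    for magic, kind in EXECUTABLE_MAGIC.items():
        if data.startswith(magic):
            return "reject", f"header is a {kind}"
    if len(data) < 12 or data[:4] not in SFNT_SIGNATURES:
        return "reject", "no TrueType/OpenType signature"
    (num_tables,) = struct.unpack(">H", data[4:6])
    if num_tables == 0 or 12 + 16 * num_tables > len(data):
        return "reject", "table directory is empty or truncated"
    tags = set()
    for i in range(num_tables):
        record = data[12 + 16 * i : 28 + 16 * i]
        tag, _checksum, offset, length = struct.unpack(">4sIII", record)
        if offset + length > len(data):
            return "reject", f"table {tag!r} points outside the file"
        tags.add(tag)
    missing = sorted(t.decode() for t in REQUIRED_TABLES - tags)
    if missing:
        return "reject", "missing tables: " + ", ".join(missing)
    return "ok", SFNT_SIGNATURES[data[:4]]


def build_sample_font(tags=(b"cmap", b"head", b"maxp")):
    """Constructed sample: an sfnt header plus 4 dummy bytes per table."""
    header = b"\x00\x01\x00\x00" + struct.pack(">HHHH", len(tags), 0, 0, 0)
    body_start = 12 + 16 * len(tags)
    directory = b"".join(
        tag + struct.pack(">III", 0, body_start + 4 * i, 4)
        for i, tag in enumerate(tags)
    )
    return header + directory + b"\x00" * (4 * len(tags))


if __name__ == "__main__":
    print(classify_font_bytes(build_sample_font()))
    print(classify_font_bytes(b"MZ\x90\x00" + b"\x00" * 60))
```

Passing this check only shows that the file is shaped like a font; it does not replace the antivirus scan or the patched font renderer recommended elsewhere on this page.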
Avoid malicious fonts and protect your cybersecurity
At an organizational level, companies are advised to use network security architecture in order to be more aware of possible obfuscation techniques designed by threat actors - and thus avoid falling for typical social engineering tactics. Additionally, practicing basic digital hygiene when it comes to cyber fonts and being cautious about the sources from which you download files can help you stay safe from potential threats. If you are still wondering ‘Can fonts contain viruses?’, follow these safety tips when exploring cyber fonts:
- Download files only from trusted sources. There are many well-known websites that offer high-quality free fonts. Avoid downloading from random or sketchy websites, as they might include malware or low-quality fonts.
- Look for fonts that have good ratings and positive reviews from other users. This can give you an idea of the quality and legitimacy of the font.
- Keep your operating system and software up to date with the latest security patches. This helps protect your system from known vulnerabilities.
- Ensure that you have reputable antivirus software, such as RAV Endpoint Protection, installed on your computer. This will help detect and prevent any potential malware or viruses that might be embedded in downloaded files.
- Before opening or installing a downloaded font, scan the file with your antivirus software to check for any potential threats.
- Fonts are typically distributed in common file formats such as TTF (TrueType) or OTF (OpenType). Be cautious of downloading fonts in unusual or executable file formats.
- Ensure the website you're downloading from uses secure connections (HTTPS). This helps protect your personal information and the files you download from being intercepted or tampered with.
- Be cautious of websites that have excessive pop-up ads, redirects, or requests for personal information. These could be signs of an untrustworthy site.
- Pay attention to the permissions the font download requests. Fonts don't usually need extensive permissions. If a font installer asks for unusual permissions, it might be a red flag.
- Before installing a new font, consider backing up your important files. This way, if anything goes wrong during the installation, you won't risk losing valuable data.
Can fonts contain viruses? Safe sites to download fonts
If you are still angling to treat yourself to some new fonts, there are some free reputable options out there that offer a much more secure database, where you can download fonts for personal or commercial use. These websites provide high-quality fonts that are free or available for purchase from trusted designers and foundries.
If you're unsure about the legitimacy of a font source, research user reviews and feedback before downloading. By using reputable font sources and being cautious about where you download fonts, you can enhance your design projects while maintaining security and legality. Just make sure you do your research first so you can be sure you are acting safely!
Here are some well-known and reliable sources for downloading fonts:
- Google Fonts offers a wide variety of open-source fonts that can be used for both personal and commercial projects. The fonts are well-vetted and optimized for web use.
- Font Squirrel provides a curated collection of free fonts that are licensed for commercial use. The website ensures that the fonts they offer are high quality and properly licensed.
- DaFont offers a large selection of free fonts categorized by style. While the website hosts many legitimate fonts, it's important to be cautious and verify the licensing terms of each font, as some may have restrictions.
- Adobe Fonts offers a vast library of high-quality fonts, and it's available to Adobe Creative Cloud subscribers. These fonts are often well-designed and can be seamlessly integrated into various Adobe software applications.
- FontSpace features a wide range of free fonts contributed by designers. While many fonts are legitimate, always double-check the licensing terms of each font you download.
- Fonts.com is a reputable font marketplace that offers a mix of free and paid fonts from well-known foundries. Paid fonts often come with professional support and extended licensing options.
- MyFonts is a popular font marketplace where you can purchase fonts from various designers and foundries. It provides a vast selection of fonts for different design needs.
- Behance is a platform for designers to showcase their work. Some designers offer their fonts for free download on their Behance profiles, so it's worth exploring for unique fonts.
For more information about consumer cybersecurity and best practices, and staying cyber safe, visit www.reasonlabs.com.