Malicious PDF files accounted for up to two thirds of infected email in three-day spam campaign

Dark Reading Staff, Dark Reading

November 1, 2007

1 Min Read

BOSTON -- IT security and control firm Sophos has revealed the most prevalent malware threats and countries causing problems for computer users around the world during October 2007.

The study, compiled by Sophos's global network of monitoring stations, has shown that a new Trojan horse, PDFex, which is typically spammed out in email messages with an infected Adobe Acrobat PDF attachment, has smashed its way into third position in the chart. The Trojan was widely spammed out in an attack during the last few days of October, taking advantage of an unpatched Windows vulnerability to infect innocent PCs.

"PDFex only started to circulate at the very end of the month, but still managed to account for more than 13 percent of all emailed malware during October. It was heavily spammed out between October 26-28, and during that period, it accounted for a staggering two-thirds, or 66 percent, of all malware spread via email," said Carole Theriault, senior security consultant at Sophos. "PDFs have long been used in business as a means of sharing information, so the social engineering trickery of using a PDF puts insufficiently protected businesses at risk. Adobe has issued an update to its Acrobat software that fixes the problem, and eyes are now turned to Microsoft to patch the underlying flaw in Windows, which could also affect other vulnerable applications such as Skype and Firefox."

Sophos plc

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights