Malicious PDF files being spammed out in volume
SAN JOSE, Calif. -- F-Secure has been monitoring a large mailing of malicious PDF files. These PDF files exploit a recent vulnerability. When such PDF files are viewed on vulnerable machines, they get infected.
An unknown party has been sending out tens of thousands of mails with subject-lines like:
Your credit report
Personal Financial Statement
Your Credit File
Balance Report
The mails contain no mail body, only an attachment called "report.pdf". When opened, the PDF file uses the CVE-2007-5020 vulnerability via Acrobat Reader and IE7 and downloads further malware from a server in Malaysia. The target of the malware seems to be to create a botnet of infected machines to be used for further malicious activity.
"We're worried about this case, as PDF attachments are typically not filtered at email gateways", says F-Secure's Chief Research Officer Mikko Hypponen. "Executable files are now stripped almost everywhere, but PDF is stripped almost nowhere. Also, a security update for Acrobat Reader was just made available few days ago, so there are tons of users who haven't had a chance to update yet".
Read more about:
2007About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024