29
Got this from hardwarezone. Be careful guys.
Malicious PDF Files Being Spammed out in Volume
F-Secure has been monitoring a large mailing of malicious PDF files. These PDF files exploit a recent vulnerability. When such PDF files
are viewed on vulnerable machines, they get infected.An unknown party has been sending out tens of thousands of mails with Subject-lines
like:Your credit report
Personal Financial Statement
Your Credit File
Balance ReportThe mails contain no mail body, only an attachment called “report.pdf”. When opened, the PDF file uses the CVE-2007-5020 vulnerability via Acrobat Reader and IE7 and downloads further malware from a server in Malaysia. The target of the malware seems to be to create a botnet of infected machines to be used for further malicious activity.
“We’re worried about this case, as PDF attachments are typically not filtered at email gateways,” says F-Secure’s Chief Research Officer Mikko Hypponen. “Executable files are now stripped almost everywhere, but PDF is stripped almost nowhere.”
“Also, a security update for Acrobat Reader was just made available few days ago, so there are tons of users who haven’t had a chance to update yet.”
F-Secure Anti-Virus detects the report.pdf malware as Exploit: W32/AdobeReader.K.
Further information is available via F-Secure blog at http://www.f-secure.com/weblog/
Posted by DeeK™ on October 29, 2007 at 11:47 pm
Filed under : Tech | Permalink