Major Malicious PDF attack underway using Adobe exploit
Posted
Friday, October 26, 2007 9:11 PM
by
hwaldron
Please be very cautious with any PDF files received in EMAIL messages. If you use Adobe, it's very important to move to the latest version 8.1.1 plus keep AV protection updated.
Malicious PDF files being spammed out in volume
http://www.f-secure.com/weblog/archives/00001303.html
http://www.f-secure.com/v-descs/exploit_w32_adobereader_k.shtml
http://www.avertlabs.com/research/blog/index.php/2007/10/24/pdf-mailto-exploit-seen-in-wild-today/
http://blogs.zdnet.com/security/?p=614
http://www.microsoft.com/technet/security/advisory/943521.mspx
QUOTE: Malicious PDF file (report.pdf or debt.2007.pdf or overdraft.2007.10.26.pdf or so) has been massively spammed through email during last hour and the spam run is still continuing. The PDF is spiced with CVE-2007-5020 exploit that downloads ms32.exe that downloads more componets. At this point it's not clear yet what is the final payload of the malware, because of missing files in the download chain. We are investigating further.
The subjects for the spam messages include:
Your credit report
Your credit points
Your balance report
Personal Financial Statement
Personal Credit Points
Personal Balance Report
Your Credit File
Balance Report