Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Adobe’s ‘0-Day’ Exploitation Affects Defense Contractors

According to investigators from Symantec the security company, Internet-assaults abusing a zero-day security flaw within Adobe Reader seemingly aimed at defense contractors as well as other organizations.

On December 6, 2011, an online security advisory from Adobe cautioned users of Adobe Acrobat and Reader about the critical flaw arising from the way the applications gained admission into PDF files. Attackers as well abused the flaw on Windows-PCs running Adobe Reader 9.x, the advisory stated.

Further, Security Intelligence Manager Joshua Talbot from Symantec Security Response said that according to the Symantec investigators, attackers dispatched e-mails containing malevolent PDF files, which while abusing the vulnerability, targeted the inboxes of chemical and telecommunication organizations besides defense contractors. Eweek published Talbot's statement on December 7, 2011.

The manager also stated that the attack electronic mails had been disguised so that they seemed to be dispatched on 1st and 5th November 2011 from companies and agencies the recipients knew.

Additionally, the security company posted a redacted electronic mail's picture pertaining to the attack's lure i.e. an offer of one guide for 2012 depicting the policies and procedures of fresh contract awards. The e-mail was an illustration about the pitches, which attempted at so fooling its recipient that he willingly viewed the given PDF file in the attachment.

Moreover, with a caption reading "FY12 XXXXX Contract Guide," the e-mail's text just stated that the contract guide FY12 XXXXX was presently available that any XXXXX contractor could obtain, adding that the new instruction manual carried the latest details about the XXXXX contract awards' procedural policies.

As for the PDF file attachment, when viewed, it unleashed a hitherto concealed malware that possibly was a distorted 3D graphics content, which hijacked the target computer as well as allowed the attacker in contaminating the system via the malware.

According to Talbot, that malware was the same that hackers employed during early 2010 for exploiting vulnerability within Microsoft's Internet Explorer versions 6&7 that wasn't still patched. Computerworld.com published this dated December 7, 2011.

The malware, Symantec identified as "Sykipot" during 2010, whereas the PDF attachment as Trojan.Pidief as well as the installed element -Backdoor.Sykipot.

Related article: Adobe Rates Acrobat Vulnerabilities “Critical”

» SPAMfighter News - 12/19/2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page