F-secure Warns against Corrupt PDF Files Deluge
As per the security company F-secure, countless e-mails carrying malevolent PDF (Portable Document Format) files have been swamping the message folders of corporate consumers as of October 26, 2007.
USA's Ministry of Transport and Communications has been particularly advised against clicking open all PDF-attachments from unfamiliar senders. The threat is more apparent since PDF attachments are normally not screened at e-mail portal.
As indicated by F-Secure, the e-mails resemble credit card bills, with headers such as 'Personal Financial Statement', 'Your credit statement', 'Balance Sheet' and so on. The corrupted file bears an attachment named report.pdf.
Whenever such PDF files are scanned on infected computers, they begin downloading program from foreign hosts in Malaysia or Sweden, which are currently being debugged.
F-Secure has alleged that these strikes are targeted towards taking control of the computers to facilitate the distribution of more malicious software. Furthermore, the security company is now involved in unclogging the affected computers.
Several strikes that utilize corrupted file attachments within an e-mail are intercepted before they are delivered in the receiver's inbox since they include executable files that when opened deploy themselves on a computer.
The strikes are unique since PDF files are usually believed to be harmless by majority of the e-mail filtering applications, and therefore, these e-mails also infiltrate effortlessly. PDFs are usually viewed by the means of Adobe's free Acrobat Reader program.
Adobe was conscious of the flaw in its program quite a few days back, but since users wouldn't inevitably utilize Acrobat Reader daily, they may be oblivious to the fact that it has to be updated.
Besides, Acrobat Reader's security update was offered just some days back, thus, there are suggestions of clients who haven't yet had an opportunity to modify. Thus, spammers are evidently trying to create maximum trouble before people position Adobe's security patch that was released in the last week of October.
The Chief Research Officer of F-Secure, Mikko Hypponen, stated that they are concerned about this situation, since PDF attachments are normally not removed at e-mail portals. Nowadays, executable files are removed nearly ubiquitously, but PDF files are not removed anywhere. Techshout published Mikko's statement on October 29, 2007.
Related article: F-Secure Alerts against Bogus Windows Update Sites
» SPAMfighter News - 15-11-2007