Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    .PDF files—or their inherent features—have been used by cybercriminals in some of the most noteworthy attacks we have encountered. Modified versions of this file type have been especially notorious these past few months since they are capable of attacking user systems by initially exploiting inherent vulnerabilities found in Adobe Reader and Acrobat. TrendLabsSM has documented a number of these attacks:

    A newly spotted malformed .PDF was found to also attack flaws found in the aforementioned Adobe software products; however, this kind of .PDF contained an object that was embedded within itself using FlateDecode and ASCII85Decode, two common filters used in .PDF files to filter images before compressing them. This object turned out to be an Extensible Markup Language (XML) file bearing a malicious Tagged Image File Format (TIFF) file.

    Trend Micro detects the .PDF file as TROJ_PIDIEF.AAL. It can exploit the following vulnerabilities:

    Once these vulnerabilities are exploited, this Trojan connects to several URLs to download files, which were also found to be malicious. Trend Micro detects these downloaded files as TROJ_DNSCHANG.XT and TROJ_FRAUDPAC.QL.

    Trend Micro protects users via the Smart Protection Network™, which blocks access to all malicious URLs via the Web reputation service and detects all related malware via the file reputation service.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice