Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Trend Micro was alerted to the discovery of a new attack that exploits a vulnerability in certain Adobe Reader and Acrobat versions. The said vulnerability allows remote attackers to execute arbitrary code via a crafted .PDF file using ZLib compressed streams on Microsoft OS-based systems.

    Cybercriminals targeted contractors of the U.S. Department of Defense with spammed messages with a .PDF file attachment (detected by Trend Micro as TROJ_PIDIEFX.F) posing as a memorandum regarding a conference that will be held in Las Vegas sometime this March. Though the featured conference is real, the memo is not.

    Upon execution, TROJ_PIDIEFX.F drops and executes another malicious file detected as TROJ_DLOADR.AUE. This attempts to connect to the remote site http://{BLOCKED}6.202.49 though as of this writing, the URL remains inaccessible.

    Click Click

    Users are, however, also advised to apply the latest patch, which Adobe released last Tuesday. For more information on the said vulnerability, visit this Threat Encyclopedia page.

    Trend Micro™ Smart Protection Network™ protects users by blocking the spammed messages and detecting and deleting the related malware. OfficeScan users with Intrusion Defense Firewall (IDF) plug-ins are also protected from this attack if their systems are updated with the IDF1003879 filter.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice