iTWire - Attack follows Acrobat update

Attack follows Acrobat update

by Stephen Withers
Thursday, 25 October 2007
Windows users who failed to apply this week's update to Adobe Acrobat and Reader are being targeted by criminal elements. Register now to win a Canon EOS 500D Malformed PDF files purporting to be invoices or other financial documents are arriving in spam emails. If the files are opened on an unpatched system with Internet Explorer 7 on Windows XP or Server 2003, the exploit disables the Windows Firewall, then fetches a downloader program which in turn installs a rootkit. According to reports, at least one of the servers involved in the attack is associated with the Russian Business Network, a group that has been linked to other major malware outbreaks. "So far we have seen a fair number of emails containing this new Trojan in the wild," said Hon Lau, senior security response manager at Symantec. "It is likely that Trojan.Pidief.A has been spammed out in targeted attacks on specific business organizations." Hon Lau and other experts are recommending that users apply Adobe's patch promptly, update their antivirus definitions, and treat incoming PDF attachments with particular caution. Please enable JavaScript in your browser to post your comment! Tags See All Tags Add New Tag... Please Enter New Tags Separated By Comma's Or Close Email Internet Malware Security Software Stephen Withers Windows Powered By Joomla Tags