Friday, 29 October 2010

PDF exploit in action

Naked ladies as bait, one more time

One of the much-discussed PDF file exploits is circulating in SEO-poisoned links. We found it by following links that popped up from a search for “Vanessa Hudgens No Clothes.”



The malcode takes advantage of a vulnerability in an out-of-date version of Adobe Reader (version 6.0), and it prompts the victim to download Java if it doesn’t find it on the machine. Adobe Reader 9.4, the current version, isn’t vulnerable.


Clicking on the “Available Updates” pop-up window runs the exploit, which then installs a downloader that can infect the victim with any one of a rogues’ gallery of malicious code.



VIPRE detects it as Exploit.PDF-JS.Gen (v)

Thanks, Patrick

Tom Kelchner
