- Recommend:
- 0 Comments
Unreleased Virus Targets Acrobat Files
Hacker writes Outlook.pdf to prove PDF files are vulnerable, researchers say.
A worm that infects PDF (Portable Document Format) files, generated by Adobe Acrobat, has been created in a lab. While it is not "in the wild," its birth shows PDF files are not immune from infection.
The worm appeared Tuesday and was analyzed by Bernardo Quinteros, head of the Madrid-based security firm HispaSec Sistemas, and Richard Smith, chief technical officer of the Privacy Foundation.
"Even considering that it is a just-created laboratory virus, this is like a seed of an upcoming deluge of viruses of the same kind in PDF files, a format considered safe up to now," Quinteros says.
The virus is called Outlook.pdf, and it is considered "experimental," with a small capacity to infect, Quinteros adds.
To travel, Outlook.pdf uses Acrobat and Microsoft Outlook functions differently than previous worms. Both researchers say the worm uses Outlook to send itself hidden in a PDF file. When opened using Acrobat, the file launches a game that prompts the user to click on the image of a peach. That prompts a Visual Basic script that activates the virus, they say.
The virus spreads by using all the addresses from e-mail messages in any Outlook folder, not just the program's Address Book. It embeds itself into a PDF file, disguising itself by changing the e-mail's subject, body, and attachment lines every time, they say. The researchers have posted an image from the game.
Just Experimenting
The worm has been developed by "Zulu," an Argentine hacker well known in the virus underground as a prolific innovator, according to Quinteros.
Zulu created it as a "proof of concept," to prove that Adobe Acrobat files can be virus carriers. It requires the presence of both Outlook and the full Acrobat program, not just the Reader, the free utility that most users have installed.
It is unclear whether Zulu is targeting Adobe's software with his newest invention because of recent hacker community animosity toward Adobe. The company initially sought, then withdrew, a complaint against Russian programmer Dimitry Sklyarof. The programmer demonstrated at the recent Def Con security conference a utility that breaks copy-protection of electronic books produced by Adobe Acrobat.
"There has been very little public discussion of Adobe Acrobat security issues as far as I can tell. Since PDF files are considered safe by Internet Explorer, it means that Acrobat security holes are easy to exploit from Web pages and HTML e-mail messages," says the Privacy Foundation's Smith.
Zulu has told Quinteros he creates worms just for fun, because he finds it an educational experience. He does not feel guilty about doing it, and the actions are not considered a crime under Argentine law yet. The worms Zulu has written do not usually carry a dangerous payload by themselves, although they can be adapted to malicious wrongdoing by others, according to Quinteros.
Would you recommend this story? YES NO
- Recommend:
- 0 Comments
- Critical IE Graphics Flaw Resurfaces
- PDF-Xchange Viewer
- Patch Now: Microsoft RDP Exploit Code Is in the Wild
- Create and Modify PDF Files With PDF-XChange Pro 2012
- Adobe Reader Under Zero-Day Attack
- Acrobat 7 Pro Lets Readers Chime In
- PDF Converter Turns Acrobat Files Into Word Docs, Spreadsheets, and More
- Endpoint Protection v.12.0 Small Business Edition (Full Product, 10 Users) See All Prices
- Norton Antivirus 2012 (Full Product, 3 PCs) See All Prices
- Total Protection 2012 (Full Product, 3 Users) See All Prices
- Antivirus with Spy Sweeper See All Prices
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.





















