Adobe Flaw Exploited In Malicious Attack

By Stefanie Hoffman, CRN
February 20, 2009    2:26 PM ET

A zero-day vulnerability in Adobe Reader and Adobe Acrobat has resulted in a malicious attack, spread via infected PDF files, that allows hackers to steal victims' data remotely.

Attackers launched malicious code exploiting a buffer overflow vulnerability in Adobe Acrobat Reader 9 and multiple versions of 8 and 7, enabling them to infiltrate and completely take control of an affected system. The malware is distributed via infected PDF files, which are typically used in some kind of social engineering ploy that entices users to open the attachments, experts said.

"To be successful, you'd need to do some kind of social engineering -- an e-mail specifically addressed to a person or some kind of enticement or reason to open the PDF," said Kevin Haley, director of Symantec Security Response.

Once a user opens an infected file, a backdoor Trojan is executed, designed to record keystrokes and steal data. The pilfered information is then sent to remote servers where it is compiled and sold on the underground market or used in identity theft activities.

Adobe said in its advisory that it planned to release security updates for Reader 9 and Acrobat 9 by March 11, followed by updates for versions 8 and 7. The company also said in its advisory that it is partnering with antivirus security companies McAfee and Symantec in an effort to address the issue.

Until Adobe readies a patch to fix the problem, security experts recommend that users disable the JavaScript function on Adobe Reader and Acrobat products, which will prevent code execution but could still allow a system crash.

Security experts said that the attack does not appear to be widespread, and is so far limited to fewer than 100 incidents in small, targeted attacks. But that could change if more hackers take advantage of the exploit code, experts said.

"It's not a mad outbreak," Haley said. "Whoever is taking advantage of it now is doing targeted attacks. But it certainly is possible for someone else to expand its scope. That's the big fear."

