Malicious PDF files - Grow in sophistication and volume
PDF files are becoming a key method for malicious attacks as documented in these four informative articles. Attacks are increasing in terms of volume and complexity.
AVERT Labs - Surrounded by Malicious PDFs
QUOTE: Malicious PDF files and related exploits are invading the Net. Looking at the CVE records in the National Vulnerability Database for Adobe products, we see a dramatic increase in 2009. Today malware involving malformed PDF file are legion. From less then 2 percent of malware directly connected to exploits in 2007 and 2008, they have reached 17 percent in 2009 and 28 percent during the first quarter of 2010.
Trend - PDF Exploit Becomes a Little More Sophisticated
QUOTE: PDF files—or their inherent features—have been used by cybercriminals in some of the most noteworthy attacks we have encountered. Modified versions of this file type have been especially notorious these past few months since they are capable of attacking user systems by initially exploiting inherent vulnerabilities found in Adobe Reader and Acrobat.
Sunbelt - PDF file with a malicious downloader agent embedded
QUOTE: It uses a script in a PDF file to install a back door that starts up whenever Internet Explorer is launched. The infected svchost.exe file that it drops has been around for a while, but using a malicious PDF file to drop it is the interesting new twist. We’ve seen other reports of similar malware out there today.
Sophos - Postal Theme PDF SPAM
QUOTE: The Bredo malware-spammers are back, and they’ve been reading about how to run executable files from a PDF using /Launch, a trick we’d already started to see used by malware. This latest spam campaign uses this technique (it’s not really exploiting a vulnerability as such, since PDFs were specifically designed to be able to do this) in a slightly modified format.