Symantec has discovered an Adobe Acrobat PDF file that when opened, drops and executes a malicious binary code onto the user's system.
This is according to Gordon Love, regional director for Africa at Symantec. “The malicious PDF files are detected as Trojan.Pidief.G and the dropped files as Trojan Horse.
“This vulnerability is not one we have seen in the wild before and affects Adobe Flash. The authors have taken a bug and turned it into an exploit,” he adds.
Once the unsuspecting user visits the Web site or opens the PDF, this exploit will allow further malware to be dropped on the victim's machine and possibly open a back door for further attacks and threats to be exploited, explains Symantec.
Love says due to the large user base of Flash, which is used in all popular Internet browsers and is also available in PDF documents, attackers have a large “built-in targeted audience”.
In terms of monetising the attacks, Love believes the purpose of the attack is to gain sensitive personal information such as passwords, names, birthdates, credit card and bank details and passwords to conduct fraudulent transactions online.
Until a patch is available, Symantec urges consumers to update their anti-virus definitions and advises Vista users to employ the user account control feature, as an extra safety measure, to help mitigate the risk.
Symantec says it is working closely with Adobe to address this vulnerability.
Related stories:
Mobile malware goes cross-platform
Cyber attacks evolve
Cops fight evolving cyber threat
Phishers target Facebook again
Share