|28 Apr 2010||#1|
| || |
PDF /Launch Trick Spotted in New Attack.
A new email-based social engineering attack employing the PDF /Launch technique to infect computers with malware has been spotted in the wild. The malicious messages trick users into opening rigged PDF files by claiming they contain the fresh POP3/SMTP connection settings.
At the end of last month, Didier Stevens, an IT security consultant and researcher based in Belgium, revealed a social engineering technique that he dubbed "escaping from PDF." The attack relies on abusing the "/launch" functionality as described in the PDF specification to trick users into allowing malware embedded in PDF files to run.
Even though Stevens did not publicly disclose the technical details of his approach, it wasn't long until cybercrooks figured it out and incorporated it in their malware distribution campaigns. In mid-April, security vendor Sophos reported seeing the first in-the-wild attack using this method.
The new attack is well-constructed and the rogue emails are made to appear as if they are coming from the mail server administrator. Their "From" field is spoofed to display a system@[your_email_domain] address.
PDF /Launch Trick Spotted in New Attack - Malicious emails make false claims of changed POP3/SMTP settings - Softpedia
|My System Specs|
|Similar help and support threads for2: PDF /Launch Trick Spotted in New Attack.|
|DDoS Attack, Changed IPs Still Under Attack||System Security|
|New Phishing Scam Spotted on Facebook||Security News|
|New Koobface Campaign Spotted on Facebook||Security News|
|What classic vehicles have you spotted?||Chillout Room|
|UFO Spotted! :O||Chillout Room|
|Build 7004 Spotted||News|