Just when you think PDF files are safe to use again, think again.
We all know that the PDF has had its share of PDF vulnerabilities. From UXSS to PDF spamming, the PDF has been targeted for its wide user base, compatibility across different systems and its reputation as a commonly deployed format for many of today’s enterprises.
Well, nothing’s changed--hacker’s are still targeting the format and users are still using it. As an unfortunate part of technological developments, toolkits which are used to help users gain better functionality with their applications, are also being developed by malicious users to help construct and launch their hacking codes on unsuspecting users.
A hacking toolkit called the “PDF Xploit Pack” is reportedly taking advantage of PDF vulnerabilities to gain access to the user information of infected computers. According to a blog posting on worldwide communications resource company, TrustedSource, the PDF Xploit Pack is a new toolkit that targets only PDF files.
In addition, a hacker toolkit called Neosploit, used earlier in 2007 attacks seems to be back in business after it’s “retirement” last July. In the past, the kit was reportedly enhanced to take advantage of Acrobat Pro and Reader vulnerabilities (detected around February 2008) that were launched via the browser, according to an article on the Symantec security blog. Its timely return undoubtedly adds more pressure to the investigation of how much invlovement this Neosploit toolkit has with the PDF exploits occurring.
As a PDF user, you may not know where these attacks are coming from or if one is currently happening on your system right now (as some are unknowingly launched),but you can secure yourself by developing the right habits.
The US Computer Emergency Readiness Team (US-CERT) believes in this too. On their website it recommends not opening files you don’t trust, making sure you’ve got anti-virus programs installed, and keeping your software updated with the latest patches and versions.
