• Posted Dec. 27, 2012, 3:56 p.m. - 12 years ago

2012 was the year for PDF Viruses, Trojans and Exploits

We have seen quite a few Trojans, viruses, malware and other exploits this year.  The Zero-day exploit of Adobe’s sandbox in their PDF Reader and other products has been reported by several groups, including us.

 

 

Group IB out of Russia had revealed this particular exploit, but refused so far to share the information with Adobe.  So far, we have not been able to find any mention of a fix for this Zero-day exploit.

The only reference to a sandbox breach is an interesting quote from Adobe: “Since we added sandbox protection to Adobe Reader and Acrobat, we have not seen any exploits in the wild that break out of the Adobe Reader and Acrobat X sandbox.”

The interesting part of this quote, which was issued before we published our article, is that Adobe has “not seen any exploits in the wild” that have broken out of the sandbox.  They had issued this statement after they were already in some type of negotiations with Group IB to obtain the method that was used to breach the sandbox.

While we may be lulled into a sense of safety that the Zero-day sandbox exploit is not in the wild, there is no guarantee that it will not be released from the confines of Group IB.

Other Trojans were thrust upon us, like the Better Business Bureau letter that many small business owners fell for.  In particular, a nasty Trojan masqueraded as a FedEx Non-Delivery Receipt which arrived just in time for the Christmas season when unexpected gifts might be expected.

So, stay safe and only open PDF files from trusted sources.  Also make sure you are protected with the latest anti-virus and anti-malware programs and definitions.

In the event you get infected, refer to our tips on disinfecting your computer system.