Beware, your PDF files may have trojans

By siliconindia | Friday, 16 April 2010, 22:12 IST

Bangalore: Till now, Websense Security Labs has received more than 2,000 messages so far regarding Zbot trojan campaign spreading via email that connects your PC to a malicious remote server in China. Zbot is information stealing trojan (infostealer) collecting confidential data from each infected computer. This new variant uses a malicious PDF file which contains the threat as an embedded file. When recipients open the PDF, it asks to save a PDF file called Royal_Mail_Delivery_Notice.pdf. The user assumes that the file is just a PDF, and therefore safe to store on the local computer. The file, however, is really a Windows executable. The malicious PDF launches the dropped file, taking control of the computer. At the time of writing, this file has a 20 perecnt anti-virus detection rate (SHA1 : f1ff07104b7c6a08e06bededd57789e776098b1f). It seems to be another hacking attempt pointing to China. Now users need to make sure that they update their anti-virus suites with latest definitions in order to keep their PCs safe from malicious datas.

Siliconindia

Beware, your PDF files may have trojans

Featured Vendors

Singh Biotechnology: Unlocking the “Undruggable”

Fixpliance AI: Fixing Compliance at the Speed of AI

Harness: Unified AI Platform for Faster, Safer Delivery

Straiker: Unlocking AI’s Future

Mem0: The Missing Link in AI at Scale

Votal AI: Redefining Workforce Efficiency Through Ethical AI