BBC News - Technology

Thursday, 10 February 2011

Information Security Threats in the Second Quarter of 2010 - Securelist

Beware opening PDFs, they can launch other files, see this extract -

Information Security Threats in the Second Quarter of 2010 - Securelist: "Another notable innovation is that ZeuS is distributed using pdf files. An independent researcher has discovered that executable files embedded in pdf documents can be executed without having to exploit any vulnerabilities. The file is executed using the Launch function described in the pdf format specification. Just a few days after this information was published on March 29, people started to get emails with a specially crafted pdf document, which used the file launching method described above to infect computers with the ZeuS Trojan. In order for the computer to become part of a botnet, all the user needed to do was open the attachment."