1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Beware. Virus alert. The dawn of pdf based viruses..

Discussion in 'BlackHat Lounge' started by theconjurer, Oct 12, 2009.

  1. theconjurer

    theconjurer Junior Member

    Joined:
    Dec 22, 2008
    Messages:
    187
    Likes Received:
    301
    Occupation:
    keep guessing...
    Location:
    the Internet...
    Hello. I came across this article a while ago and holy shit...give it a read. I mean with the amount of ebooks and all that is circulated in the forum these days...this is a serious security concern or so I would think...

    Code:
    http://securitylabs.websense.com/content/Blogs/3411.aspx
    Just a warning of sorts to everyone here who downloads like a maniac. dont open just about anything..this is some serious shit. or atleast looks like it to me...

    Also, this might not be news to some people here...doens't hurt to refresh your memory.
     
    • Thanks Thanks x 1
  2. jimbobo2779

    jimbobo2779 Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 17, 2008
    Messages:
    3,245
    Likes Received:
    2,395
    Occupation:
    Software Engineer
    Location:
    UK
    Home Page:
    WTF guy its some crap about salt.
     
  3. freelapse

    freelapse Junior Member

    Joined:
    Dec 19, 2008
    Messages:
    107
    Likes Received:
    19
    Location:
    Seattle, WA, USA
    What? Salt?
     
  4. nowimhere

    nowimhere Regular Member

    Joined:
    Jul 7, 2009
    Messages:
    262
    Likes Received:
    2,031
    Occupation:
    This is my job
    Location:
    Canada
    If you are getting pdf's from guru's then this shouldn't effect you.

    Its all those no name guys you have to look out for...

    At least this is as far as I can tell.

    Cheers.
     
  5. electrohedtings

    electrohedtings Registered Member

    Joined:
    Apr 26, 2009
    Messages:
    59
    Likes Received:
    4
    Guru's? haha.

    You sound like one of the many gullable one's from DP falling for all the marketing lingo.
     
  6. buns2345

    buns2345 Newbie

    Joined:
    Jul 7, 2008
    Messages:
    19
    Likes Received:
    2
    ermm hasent PDF virus been out for some time i mean easy to do easy to take out and if u have a firewall then u control what connects to ur internet :)
     
  7. Legion

    Legion Newbie

    Joined:
    Feb 17, 2008
    Messages:
    1
    Likes Received:
    134
    It's always good practice to disable JavaScript in your reader.

    Foxit reader:

    Edit->Preferences->JavaScript->Enable JavaScript Actions
     
  8. kanshu

    kanshu Regular Member

    Joined:
    Sep 11, 2009
    Messages:
    212
    Likes Received:
    28
    Occupation:
    Computer programmer
    Location:
    Cebu City, Philippines
    Home Page:
    Yup. That JavaScript threat from PDF's has been around for quite some time now. But if you have an updated PDF reader from Adobe and you have JavaScript turned off, I don't think it will be a problem. It's more problematic if you download and view the PDF immediately from the browser with the Adobe plug-in.

    In any case, it may be a good time to actually review the alert bulletin.
     
  9. Radix

    Radix Newbie

    Joined:
    Apr 18, 2009
    Messages:
    25
    Likes Received:
    10
    I haven't seen any pdf based trojans or viruses that ranked higher than a medium risk.

    I'm sure some exist. I'm also sure I've picked up the few I discovered from some "guru" rolling out their crap ebook here or on other forums.

    On the topic of ebooks, what percentage of the ones you download do you actually read?

    For me, I'd say it's less than 10%. Not sure why I bother.
     
  10. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    If you rely on an AV for your protection your living in a false sense of security.
    Use something that tells you what your Pc is doing instead like Spyware Process Detector v3.19
    The only problem is most computer users don't even know what processes
    are supposed to be running which to me is like driving a car through a
    danerous wilderness and not knowing how to fix it if it breaks down.
    I know 13 year olds that can write a FUD trojan that will bypass a firewall and disable your AV.
     
  11. WizGizmo

    WizGizmo Super Moderator Staff Member Premium Member

    Joined:
    Mar 28, 2008
    Messages:
    3,844
    Likes Received:
    55,442
    To All:

    I will soon be condensing all of the important sticky rules (in the downloads section) into one comprehensive thread as soon as I have a bit of free time. I will also be sure to include the warning about turning off javascript in Adobe Reader and/or Foxit.

    Thanks For The Heads-Up :)

    Cheers! - "Wiz"
     
    Last edited: Oct 13, 2009
  12. Reelnetwork

    Reelnetwork Regular Member

    Joined:
    Oct 12, 2009
    Messages:
    441
    Likes Received:
    103
    Location:
    Nowhere
    Good news, You know i have avoided pdf lot in life, especially because there files are pretty dumb too, My printer slowly prints them.
     
  13. krish22

    krish22 Registered Member

    Joined:
    Dec 26, 2008
    Messages:
    92
    Likes Received:
    18
    yes! i was ignorant as far as this is concerned. thanks added.:)
     
  14. HairSpray

    HairSpray Junior Member

    Joined:
    Nov 21, 2008
    Messages:
    118
    Likes Received:
    25
    Make sure your OS is up to date. And most importantly set Adobe to automatically update. These exploits have been around for a long time and Adobe have always patched it.