Poisoned PDF pill used to attack US military contractors

Unidentified hackers are running an ongoing cyber-espionage attack targeting US military contractors. Booby-trapped PDF files, posing as messages from the US Department of Defense, were emailed to US defence contractors last week. The document refers to a real conference due to be held in Las Vegas in March. Opening the …

COMMENTS

This topic is closed for new posts.
Paris Hilton

Javrobat..

Better hurry up and upgrade to your new Acrobat Espionage Enabled Reader, 'cause we all like giving away secrets.

Shh, don't tell Paris though... She doesn't want to be reminded about that stupid phone.

0
0
Gold badge
Stop

No problem provided they have the latest patches installed then

Oh, we are talking US Government Con-tractors.

0
0
Silver badge

At last - a use for Pointless Document Format

NT

0
0
Silver badge

Javascript again

Yet another exploit that depends on javascript. Adding javascript to PDF was an outstandingly stupid idea. Plenty of PDF readers do not implement javascript. Just pick one not made by Adobe. The only content you will miss is malware.

3
0

Good work, John

Good to see at last that someone finally recognizes that IE isn't the only attack vector available or in use by hackers.

Having been pilloried for pointing out that fact in comments on other stories, it's a brave man who would make such a true statement.

Of course, I expect to get massacred again, only for actually agreeing with a story, which doesn't contain purely anti Microsoft browser sputum.

1
1
Bronze badge

Could it be

that this attack only works on one particular operating system?

Enquiring minds want to know.

0
0
Black Helicopters

CVE says Windows and MacOS-X vulnerable

The F-Secure article links to CVE-2009-4324, which states both Windows and MacOS X systems are vulnerable.

0
0
FAIL

Of course....

Of course, one would wonder who would open an attachment in an email that perhaps has spelling/grammar mistakes in line with "USA Department of Defence invite you too our Las Vegas show!" (see if you notice all of what's wrong in that statement) or other common spam-from-non-native-English-speakers issues.

0
0
Silver badge

Acrobat Reader

Why? I mean, just why? I'm so glad that Preview on the Mac covers all this stuff and I used to use Foxit Reader on Windows. Can't understand anyone using that bloated puss from Adobe.

0
0

And they just keep using MS products

Moe Rons

0
0
Silver badge
Thumb Down

Amazing

I find it difficult to believe that 'U.S. military contractors' wouldn't use secure email accounts in their communications with their Government. Another proof of the excellent work F.B.I., N.S.A. et al. are doing protecting their country from terrorists, pedophiles, drug dealers and OMG, now spies.

The USA is going to hell in a basket, and the only problem I have with that is that the rest of the western world is following the same path. :(

0
2

Was it just me

But this morning I woke up to find that four of the big names in IT recruitment had sent me nearly identical emails thanking me for my recent registration (I've not had need of their services for half a year now) and linking me to nearly identically named pdf files located in nearly identical folders on their servers.

Each message has a subject of "A brief message from ***** : Ref No C??????" and then goes on to list PDF files in a folder called legal/FCN split up by geographic region.

Perhaps I'm just getting paranoid.

0
0
WTF?

Heh "Avoid Detection"

From the F-Secure article:

"In order to avoid detection, it bypasses the local web proxy when doing this connection."

So that'll mean it'll show up on the firewall then... Oh wait.. you mean it wasn't set up accordingly??

Shirley, you can't be serious?

0
0
Bronze badge

Whereas here

My office is in the fifth great year of Adobe Reader 7.0.5. (Well... I'm not sure we got 7.0.5 when it first came out. But we've got it now.)

Probably we couldn't run your exploits if we wanted to, and if hackers are sufficiently professional to shred their files after three years, I guess we're pretty safe.

0
0
Silver badge
Flame

@Mephistro

Um, using your secure email to connect to a non-secure email system violates security protocol. Therefore defense contractors tend to have at least two email accounts, one of which is not secure for general use. I say at least one, because they may work with multiple levels of security and the same rules apply for each increased level of security.

Please, use your head for something other than a mobile hat rack.

0
0