Let's Not Gozi What's In That .pdf

News Posted: Fri, Oct 26 2007 9:14 AM

That particularly virulent .pdf trojan nicknamed the "Gozi Trojan" is back again in a new and slightly more sophisticated form. It uses a flaw in the Adobe Acrobat v.8.x reader to steal your info as you're entering it into forms. You know that little padlock you see when you're communicating with an SSL encrypted page? It's just a pretty picture if you've downloaded the malware from a phony .pdf.

This latest attack provides a good example of several successful
tactics in the malware business coming together for a single attack. It
uses a recent and widely publicized vulnerability (in Acrobat) to
deliver a known-to-be-effective Trojan (Gozi) which is distributed to
PCs through yet another bot that allows Google Gmail to mass distribute
e-mails, but is still able to bypass spam filters by using yet another
popular and recently successful tactic (PDF spam).

The servers that hosted the pirated information (Russian, of course!) were shut down by their ISP. Sounds good, but not really. It wasn't because they were identified as crooks, but only because the spike in traffic was too large for them to handle. So a lot of people are getting taken. HotHardware reminds you to be deeply suspicious of any .pdf you receive. You can download a patch from Adobe here. And someone ask Al Gore to go back and fix his invention and turn off Russia.



