Monday, 27 April 2015

Malicious Word Document Hidden In A PDF File

Frequently happens that attackers use DOC and PDF files to infect internet users with malware, but recently a researcher found a PDF file called "Sales Invoice" that contained a malicious Word document.When opening the PDF file is via Javascript tried to open an embedded Word document. Standard warns Adobe Reader to open these embedded files.

If users ignore the warning and still choose to open the DOC file in Microsoft Word, then get them whether they want to run the macro in the document. In recent months, regular Word documents with macros used , which once carried download malware. Also in this case, it is after the execution of the macro malware downloaded. It is a variant of the Dridex banking Trojan, a Trojan horse that steals money from online bank accounts.

According to researcher Steve Basford the malicious Office documents at the time only against Windows users. "Apple and Android software to open these attachments and might even run the macros embedded in the annex," he tells his own blog.Belgian researcher and ISC handler Didier Stevens made ​​this demonstration video in which he analyzes the PDF file.

No comments:

Post a Comment