Published: 15 February 2013
Every single day, more and more security stories are hitting the news. Adobe Acrobat Reader and Flash Player are being used for targeted phishing attacks, and the attackers used a zero day to launch those attacks.
If you are using Acrobat Reader version 9.5.3, 10.1.5 or 11.0.1, then you “might be” affected. Attackers are using “zero day” flaws and exploited those versions via phishing attacks, mainly via e-mails or pop-ups in browsers. The version of your operating system is really not that important, as this flaw attacks any platform which has the Adobe product installed; in other words, MacOS, Linux, Windows or Android platforms can be affected.
Having anti-virus and anti-spam won’t help you that much anymore, as the attackers used an attack against Adobe Reader that drops two DLL files designed to both distract and compromise victims.
Upon successful exploitation, it will drop two DLLs. The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks. The second DLL in turn drops the callback component, which talks to a remote domain.
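The drop-and-callback chain described above can be hunted for in endpoint telemetry. The following is an added example, not code from the original post: it taints DLLs written by a Reader process and follows them through loads and further writes to an outbound connection. The event tuples, file names, `host.exe` and the `.example` domains are constructed, and the Reader process names are an assumption about the deployment.

```python
# Added example. Events are constructed; the tuple layout is an assumption,
# not a real EDR schema: (pid, image, action, target).
READER_IMAGES = {"acrord32.exe", "acrobat.exe"}  # assumed Reader process names

SAMPLE_EVENTS = [
    (100, "AcroRd32.exe", "write",   r"C:\Temp\first.dll"),
    (100, "AcroRd32.exe", "write",   r"C:\Temp\second.dll"),
    (100, "AcroRd32.exe", "load",    r"C:\Temp\first.dll"),
    (100, "AcroRd32.exe", "write",   r"C:\Temp\decoy.pdf"),
    (100, "AcroRd32.exe", "load",    r"C:\Temp\second.dll"),
    (100, "AcroRd32.exe", "write",   r"C:\Temp\callback.dll"),
    (200, "host.exe",     "load",    r"C:\Temp\callback.dll"),
    (200, "host.exe",     "connect", "callback.example"),
    (300, "AcroRd32.exe", "write",   r"C:\Temp\cache.tmp"),   # benign control
    (300, "AcroRd32.exe", "connect", "update.example"),       # benign control
]

def is_reader(image):
    return image.lower().rsplit("\\", 1)[-1] in READER_IMAGES

def trace_reader_drops(events):
    """Return (severity, chain) findings for Reader-dropped DLLs and callbacks."""
    tainted_files = {}  # lowercased path -> how the file came to exist
    tainted_procs = {}  # pid -> chain that led this process to load a tainted file
    findings = []
    for pid, image, action, target in events:
        key = target.lower()
        origin = tainted_procs.get(pid)
        if action == "write":
            if origin:
                # Anything a tainted process writes inherits the chain.
                tainted_files[key] = f"{origin} -> wrote {target}"
            elif is_reader(image) and key.endswith(".dll"):
                # A document viewer should not normally write DLLs itself.
                tainted_files[key] = f"{image} wrote {target}"
                findings.append(("medium", tainted_files[key]))
        elif action == "load" and key in tainted_files:
            tainted_procs[pid] = f"{tainted_files[key]} -> loaded by {image}"
        elif action == "connect" and origin:
            findings.append(("high", f"{origin} -> connected to {target}"))
    return findings

if __name__ == "__main__":
    for severity, chain in trace_reader_drops(SAMPLE_EVENTS):
        print(f"[{severity}] {chain}")
```

On the constructed events this raises two medium findings for the dropped DLLs and one high finding for the callback, while the unrelated Reader session (pid 300) stays silent.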
After all this, the Adobe team has been made aware, and now you have to wait until they write a “patch” and pray that you do not get attacked.
The best way to get protection against these attacks is usually TRAINING. Yes, making your end users aware can help you to stay out of trouble.