PDF



What has the makings of a targeted attack campaign against several high-value industries is using a Trojan that employs rigged PDFs to deliver its payload. Targeting organizations in the defense, chemical, technology, and aerospace industries, the MyAgent trojan is primarily spreading through email as a zipped .exe file or PDF attachment, according to researchers at the FireEye Malware Intelligence Lab.

Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the Wordpress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive by download Websites that will install malicious software on vulnerable systems.

There has been a spate of spear-phishing attacks against a number of high-profile targets in the last few months, including RSA and others, and that trend is continuing unabated. Researchers have come across a fresh attack using the familiar malicious PDF attachment that appears to be targeting users in the defense industry.

The clock is ticking for Apple to issue a patch for the iOS operating system that powers iPhones, iPods and iPads following the release of a remote exploit that uses specially crafted PDF files to defeat iOS’s content protection mechanisms and “jailbreak” mobile devices like the iPhone and iPad. 

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.