David Baxter PhD
Late Founder
Malicious PDF files being spammed out in volume
October 26, 2007
Malicious PDF files (report.pdf or debt.2007.pdf or overdraft.2007.10.26.pdf or so) have been massively spammed through email during the last hour and the spam run is still continuing.
The PDF is spiced with the CVE-2007-5020 exploit that downloads ms32.exe and then downloads more components. At this point it's not clear yet what is the final payload of the malware, because of missing files in the download chain. We are investigating further.
The subjects for the spam messages include:
More on the scope of the vulnerability from a ZDNet article.
October 26, 2007
Malicious PDF files (report.pdf or debt.2007.pdf or overdraft.2007.10.26.pdf or so) have been massively spammed through email during the last hour and the spam run is still continuing.
The PDF is spiced with the CVE-2007-5020 exploit that downloads ms32.exe and then downloads more components. At this point it's not clear yet what is the final payload of the malware, because of missing files in the download chain. We are investigating further.
The subjects for the spam messages include:
- Your credit report
- Your credit points
- Your balance report
- Personal Financial Statement
- Personal Credit Points
- Personal Balance Report
- Your Credit File
- Balance Report
More on the scope of the vulnerability from a ZDNet article.
