• Quote of the Day
    "You are much deeper, much broader, much brighter than any idea you could have of yourself."
    Harry Palmer, posted by Daniel

David Baxter

Administrator
Joined
Mar 26, 2004
Messages
38,047
Points
113
Malicious PDF files being spammed out in volume
October 26, 2007

Malicious PDF files (report.pdf or debt.2007.pdf or overdraft.2007.10.26.pdf or so) have been massively spammed through email during the last hour and the spam run is still continuing.

The PDF is spiced with the CVE-2007-5020 exploit that downloads ms32.exe and then downloads more components. At this point it's not clear yet what is the final payload of the malware, because of missing files in the download chain. We are investigating further.

The subjects for the spam messages include:
  • Your credit report
  • Your credit points
  • Your balance report
  • Personal Financial Statement
  • Personal Credit Points
  • Personal Balance Report
  • Your Credit File
  • Balance Report
More information in our full description.

More on the scope of the vulnerability from a ZDNet article.
 

Top Bottom