New Tool to Create Malicious PDFs

Friday, June 13, 2014 @ 03:06 PM gHale

Unfortunately, attacking an enterprise is a bit easier with a new tool that can produce malware-riddled PDFs in a few clicks.

The tool weaves existing exploits into PDFs, allowing attacks against Adobe Reader and Acrobat versions 8.x prior to 8.2.1 and 9.x before 9.3.1.

Users can insert their own URL pointers into the program, which then generates an exploit-laden PDF. Microsoft’s free anti-virus blocked the attack (CVE-2010-0188) in a test, and it is likely other platforms would raise flags too.

As is usually the case, unpatched users could fall victim. Again, unfortunately, that is a large pool of possible victims.

Users could combine the tool with a free or paid automated phishing platform to create the attack system.

While uses for the bad guys are abundantly obvious, penetration testers and internal security teams can use it to launch attacks against staff to help improve social engineering awareness and defenses.

Claes Spett, a freelance security researcher, developed the tool while building a private exploit kit to hit organizations during penetration tests.

He published the executable to Google Drive, with a "use at your own risk" warning.
