How to Recognize (And Avoid) PDF-based Malware

 The world of cybercrime is vast and varied, but you can still make at least one generalization that holds true: hackers will always gravitate toward popular sites and programs in the hopes of maximizing the reward for their efforts. Put another way, this means that most software with a wide user base has its share of security threats.

Adobe Reader is a widely used PDF (Portable Document Format) program that lets you read documents but not edit them. As PDFs grow in popularity, they are increasingly used as a vehicle for cyberattacks, and Adobe Reader has been repeatedly exploited by hackers. Many versions of PDF-based malware are triggered when the user opens an infected PDF file, which then gives hackers access to the computer.

One of the newer, scarier versions of Adobe malware sends out an update prompt that looks convincingly legitimate. It overwrites the real auto-updater function and opens up the computer to be controlled by a botnet. (Botnet is a jargon term for a collection of software agents, or robots, that run autonomously and automatically. The term is most commonly associated with malicious software, but it can also refer to a network of computers using distributed computing software. – Wikipedia)

If you want to protect yourself against PDF-based malware, you can do a number of things:

  1. First and most importantly, don’t open PDFs from people you don’t know.
  2. You can disable JavaScript in Acrobat and Reader. (Most attacks are executed via JavaScript.)
  3. Use good antivirus software and keep it up to date.
  4. Remember that individual software will occasionally require security updates, so you do need to keep an eye out for legitimate update prompts.
  5. Closely examine automatic update prompts to make sure they’re the “real thing.” If it’s misspelled, if the language is odd, or if logos or icons look like they’ve been altered, the prompt could be a fake.
  6. If you’re directed to a site to download an update, take a good look at the address bar. Legitimate updates to Flash and Acrobat will come from Fraudulent ones will have a different address.
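
Since most of these attacks depend on JavaScript or on actions that fire when the file is opened, a PDF can be checked for those features before anyone opens it. The following Python script is an added example, not part of the original post: it counts the PDF name tokens tied to active content, including names disguised with `#xx` hex escapes. The sample documents and function names are constructed for illustration.

```python
import re
import sys

# PDF name tokens tied to active content. ObjStm is included because
# compressed object streams can hide the other names from a raw byte scan.
RISKY_NAMES = ("JavaScript", "JS", "OpenAction", "AA", "Launch", "ObjStm")


def decode_name(raw: bytes) -> str:
    """Undo #xx hex escapes in a PDF name: b'J#61vaScript' -> 'JavaScript'."""
    unescaped = re.sub(rb"#([0-9A-Fa-f]{2})",
                       lambda m: bytes([int(m.group(1), 16)]), raw)
    return unescaped.decode("latin-1")


def active_content_names(data: bytes) -> dict:
    """Count risky name tokens found in the raw bytes of a PDF."""
    counts = {}
    for raw in re.findall(rb"/([A-Za-z0-9#]+)", data):
        name = decode_name(raw)
        if name in RISKY_NAMES:
            counts[name] = counts.get(name, 0) + 1
    return counts


# Constructed samples: a plain catalog, and one that runs script on open
# with the /JavaScript name partly hex-escaped.
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
SAMPLE_ACTIVE = (
    b"%PDF-1.4\n1 0 obj\n"
    b"<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /S /J#61vaScript /JS 4 0 R >>\nendobj\n"
)

if __name__ == "__main__":
    # Usage: python pdf_triage.py suspicious.pdf
    with open(sys.argv[1], "rb") as fh:
        found = active_content_names(fh.read())
    if found:
        print("Active content present, do not open:", found)
    else:
        print("No active-content names found in the raw bytes.")
```

A clean result is not proof the file is safe, because a raw scan cannot see inside compressed streams; treat any hit as a reason to leave the file unopened.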

