Earlier this year I gave a talk at the Virus Bulletin conference in Vancouver about malicious PDFs.
As a consequence of that paper, I received a number of enquiries from other researchers working in this field of computer security. One of the more fruitful contacts was Marco Cova of the Wepawet project.
This week, in-between other work, I have been analysing a feed of PDFs I have received from Wepawet.
One particular sample I analysed had a very small piece of JavaScript code that I hadn’t seen before:
app.setTimeOut(this.info.XXXX,1)
View full post on Web Security Weblog
Related Posts
- KVGBANK Affected with Malicious JavaScript
p { margin-bottom: 0.21cm; }a:link Karanataka Vikas Grameena Bank is victim of an attack. The site is comprised by the injection of malicious obfuscated JavaScript.Home page of kvgbank.com : Obf... - Surrounded by Malicious PDFs
Malicious PDF files and related exploits are invading the Net. Looking at the CVE records in the National Vulnerability Database for Adobe products, we see a dramatic increase in 2009.
Since January ... - Malicious PDFs: A summary of my VB2010 presentation
Last week, I presented at VB2010 a talk that was well received in the room and on the wires. A number of people have requested copies of or links to my presentation and paper (thanks to Helen Martin ... - Windows Security Alert! Malicious Attack Embedded in JavaScript Attachment
Symantec has observed an increase in the volume of email spam with HTML attachments that contain malicious JavaScript.
In the last couple weeks, spammers masquerading as known individuals or companies... - Malicious PDFs cause trouble at the Ministry
It seems someone compromised the ministryofrum(dot)com recently, replacing an understanding and appreciation of rum with malicious PDF files instead.
The site is fixed now, but compare the clean s... - PDF Scanner: detecting malicious PDFs
Today I wrote a simple program that scans PDF files and detects the malicious ones.
7 malicious PDFs downloaded from malwaredomainlist.com and mdl.paretologic.com
493 good PDFS downloaded from a reput... - Analysis of a set of malicious and-or malformed PDF(s)
Hi,As promised some day ago, I'll increase the number of posts centred on Malicious PDF Analysis, focusing attention on the most common malformations, that could make harder or block common inspection... - Blog: Malicious Javascript vs. card reader
Today’s bank customers face the very real threat of losing their hard-earned cash if their online banking identities are stolen by cybercriminals.
View full post on Securelist / All Updates... - Request contained a malicious JavaScript or SQL injection attack
bad-behavior is now blocking what it says is a SQL injection but all its really looking for is a # in the header. So I end up seeing crap like this.I think this may be a bug in bad behaviorUpdate: I a... - Launching malicious content from PDFs
Last week, Didier Stevens (an independent security researcher) wrote a blog about a security hole in PDFs. In it he described how to launch arbitrary files from within a PDF.
Following on from Didier&...
Posted on 15 November 2010. Tags: Find, JavaScript, Malicious, novel, PDFs, running
