NEWS FROM THE LAB - Friday, October 26, 2007

Malicious PDF Files Being Spammed Out in Volume
Posted by Jusu @ 15:10 GMT

A malicious PDF file called report.pdf, debt.2007.pdf, overdraft.2007.10.26.pdf, or similar, has been massively spammed through e-mail. The PDF carries an exploit for CVE-2007-5020 that downloads ms32.exe, which in turn downloads more components.

In the end, the massive spam run did not lead to major problems, since the secondary download location was swiftly taken down, preventing the downloader from functioning.


The subjects for the spam messages include:

  Your credit report
  Your credit points
  Your balance report
  Personal Financial Statement
  Personal Credit Points
  Personal Balance Report
  Your Credit File
  Balance Report

More information is available in our full description.

More on the scope of the vulnerability is available via a ZDNet article.