This post is also available in: Slovenian
As it became fashionable to expose security holes for Adobe Reader and Acrobat. Now, they discovered critical security holes every month. Are you still using Adobe to read PDF files?
The difference is in the fact that previously infected pdf files contaion only links to malicious code, this time, the malicious code is already attached. And more, some infected pdf files are digitally signed by a valid certificate, issued to the American secure2.eecu.com
Stuxnet becoming a trend
Do you remember the Stuxnet case last month? The Kaspersky Lab expert Roel Schouwenberg forecast for year 2011 to be year of digitally signed malware with certificates stolen from well-known companies.
vir: Contagio Malware Dump
Anti-virus software has detected it as a Troj/PDFJs-ME, Win32/PDFJsc.HQ, Troj/Agent-OOH … One fot he installed files from infected pdf is golf clinic.pdf and new processes added acrord32.exe and cmd.exe. It’s all associated with the website academyhouse.us.
Chet Wisniewski from Sophos Lab expert recorded what is happening on your computer when you open pdf file with this malicous code.
Check if your antivirus program contains latest patches and it should have included live web protection as for example AVG have Link Scanner and finally in Sophos where they have Live Protection. And of course be careful opening pdf files attached to mail with obvious spam content and from unknown person, especially if it offers improvement of our golf strokes.
More details on malicous code and search for protection:
Contagio Malware Dump