Cybercriminals are exploiting the recently announced China-based cyber attacks against Google and more than 20 other companies as a lure for carrying out further targeted attacks.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The attackers are sending out e-mails that claim to contain details of the Google attacks in a PDF attachment, according to a blog post by security firm F-Secure.
The e-mails appear to come from legitimate sources, but when the attachment is opened, it exploits a known vulnerability in Adobe Reader and Acrobat software to install a back door.
Anyone clicking on the link will be vulnerable to the attack if they have not updated their Acrobat software with the patch released by Adobe on 12 January.
The affected versions of the software are Adobe Reader 9.2 and Acrobat 9.2, Adobe Reader 8.1.7 and Acrobat 8.1.7 for Windows and Macintosh, and Adobe Reader 9.2 for Unix.
Adobe has warned that these vulnerabilities could be used to execute code on affected computers or cause systems to crash.
F-Secure has also reported similar targeted attacks using malicious PDF files sent to US military contractors, in which the e-mails were crafted to look like they were from the US Air Force.
The attacks demonstrate a shift to more carefully crafted malicious e-mails targeted at specific individuals or groups.