Technology advice, practical solutions and real results.

Thursday, June 17, 2010

How to Spot PDF-based Malware

The world of cybercrime is vast and varied, but hackers will always gravitate toward popular sites and programs in the hope of maximizing the reward for their efforts. Most software with a wide user base has its share of security threats.

Adobe Reader is a common PDF (Portable Document Format) program that lets you read documents but not edit them. As PDFs grow in popularity, they are increasingly used as a vehicle for cyberattacks. Adobe Reader has been repeatedly exploited by hackers. Many versions of PDF-based malware are triggered when the user opens an infected PDF file, which then gives hackers access to the computer.

One of the newer versions of Adobe malware sends out an update prompt that looks convincingly legitimate. It overwrites the real auto-updater function and opens up the computer to be controlled by a botnet. (Botnet is a jargon term for a collection of software agents, or robots, that run autonomously and automatically. The term is most commonly associated with malicious software, but it can also refer to a network of computers using distributed computing software. - Wikipedia)

If you want to protect yourself against PDF-based malware, you can do a number of things:

1. First and most importantly, don’t open PDFs from people you don’t know.

2. You can disable JavaScript in Acrobat and Reader. (Most attacks are executed via JavaScript.)

3. Use good antivirus software and keep it up to date.

4. Remember that individual software will occasionally require security updates, so you do need to keep an eye out for legitimate update prompts.

5. Closely examine automatic update prompts to make sure they’re the “real thing.” If it’s misspelled, if the language is odd, or if logos or icons look like they’ve been altered, the prompt could be a fake.

6. If you’re directed to a site to download an update, take a good look at the address bar.

Legitimate updates to Flash and Acrobat will come from Adobe.com. Fraudulent ones will have a different address.
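Tip 2 notes that most attacks are executed via JavaScript and are triggered when the file is opened. The Python sketch below is an added example, not part of the original post: it counts the standard PDF names that mark JavaScript and open-time actions in a file's raw bytes, including names disguised with `#xx` hex escapes. The function names and both sample documents are constructed for illustration.

```python
import re

# Standard PDF names that make a document run code or act when opened.
# The descriptions are this example's own wording.
SUSPICIOUS = {
    "/JS": "inline JavaScript",
    "/JavaScript": "JavaScript action",
    "/OpenAction": "action run when the file is opened",
    "/AA": "additional, event-triggered actions",
    "/Launch": "starts an external program",
}

_NAME = re.compile(rb"/[^\s()<>\[\]{}/%]+")   # a PDF name token
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")      # #xx escape inside a name


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes, so '/J#61vaScript' reads as '/JavaScript'."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def scan_pdf(data: bytes) -> dict:
    """Count suspicious names in raw PDF bytes.

    Triage only: compressed streams are not inflated, so a clean
    result does not prove the file is safe.
    """
    counts = {}
    for match in _NAME.finditer(data):
        name = decode_name(match.group())
        if name in SUSPICIOUS:
            counts[name] = counts.get(name, 0) + 1
    return counts


# Constructed sample: a catalog that runs JavaScript on open,
# with one name hex-escaped to dodge a plain text search.
SAMPLE_ACTIVE = (
    b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
    b"2 0 obj\n<< /S /J#61vaScript /JS (placeholder) >>\nendobj\n"
)
# Constructed sample: a catalog with no active content.
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"

if __name__ == "__main__":
    for name, n in scan_pdf(SAMPLE_ACTIVE).items():
        print(f"{name}: {n} ({SUSPICIOUS[name]})")
```

A hit is a reason to open the file only in a viewer with JavaScript disabled, not proof of malware; many legitimate forms use these features.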
