Security Corner – Poisoned PDFs

PDFs are one of the most common files used in business. They are easy to make and contain all of the images and formatting of a paper original. Their ubiquity also makes them a target for hackers. Attacks utilizing PDF files have risen dramatically recently from 11 % of attacks to 49 % according to Symantec. Attacks on PDFs have even surpassed the perennial winner in this category, Internet Explorer.

The way these attacks often work is that a hacker places a link to a PDF on a web page. Checking the domain at the bottom of your browser window, a common way to check if a site is legitimate, doesn't work for these files, since they are simply PDFs. Once you open the file it will start to run the malicious software. Normally a pop up will appear asking you to if you want to proceed. Hackers can change this to something that allays a user's suspicions, causing even cautious users to click to run the malicious software.

We have a few tips to help you avoid these exploits. In Adobe Reader go to Edit ● Preferences ● Trust Manager● Deselect Allow documents to open other files and launch other applications. Another possible solution is to use an alternative to Adobe Reader. Readers like Foxit automatically block embedded programs from running and avoid several common security flaws in the standard reader.