It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017
HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.
Booby-trapping a PDF with a malicious Word document goes against the norm of the past 10 years, according to the HP Wolf Security researchers.
For a decade, miscreants have preferred Office file formats, such as Word and Excel, to deliver malicious code rather than PDFs, as users are more used to getting and opening them.
"A perfect example is a PDF document. The PDF is a document type that people trust. That's because the public's perception is that it is a secure document that can't be manipulated. After all, that's why you issue an invoice as a PDF file and not a Word document. Unfortunately, the trust that users have in PDFs as a 'safe' document is false."
PDFs are a threat that enterprises need to understand, Ivan Righi, senior threat intelligence analyst at Digital Shadows, told The Register.
Our takeaway from this: stay up-to-date with patches, detect and remove these PDFs from incoming messages, educate users on email safety, configure your network to contain security breaches the best you can, and other techniques that you're more than welcome to share in the comments.
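To illustrate the "detect and remove these PDFs from incoming messages" step, here is an added example (not code from HP or from the article) that walks a raw email, identifies PDF parts by magic bytes, and flags those declaring embedded files. It goes slightly beyond the embedded-document case by also counting the standard PDF auto-action names; the sample message, addresses and PDF bytes are constructed and inert.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# PDF name objects that mark embedded files or automatic actions.
SUSPICIOUS_NAMES = (b"/EmbeddedFile", b"/EmbeddedFiles", b"/OpenAction",
                    b"/Launch", b"/JavaScript")

def pdf_indicators(pdf: bytes) -> dict:
    """Count suspicious name objects in raw PDF bytes."""
    # PDF names may hide characters as #xx hex escapes (/Embedded#46ile).
    data = re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), pdf)
    counts = {}
    for name in SUSPICIOUS_NAMES:
        # Lookahead keeps /EmbeddedFile from matching inside /EmbeddedFiles.
        hits = re.findall(re.escape(name) + rb"(?![A-Za-z0-9])", data)
        if hits:
            counts[name.decode()] = len(hits)
    return counts

def scan_message(raw: bytes) -> list:
    """Return (filename, indicators) for each flagged PDF part in a message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        # Trust the magic bytes, not the filename or declared Content-Type.
        if b"%PDF-" in payload[:1024] and (found := pdf_indicators(payload)):
            findings.append((part.get_filename(), found))
    return findings

def build_sample() -> bytes:
    """Constructed message with a constructed, inert PDF (no real payload)."""
    pdf = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R "
           b"/Names << /EmbeddedFiles 2 0 R >> >>\nendobj\n"
           b"4 0 obj\n<< /Type /Embedded#46ile /Length 0 >>\n"
           b"stream\n\nendstream\nendobj\n%%EOF\n")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "billing@example.com", "user@example.com", "Invoice"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(pdf, maintype="application",
                       subtype="octet-stream", filename="invoice.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

A raw byte scan cannot see names stored inside compressed object streams, so an empty result means "nothing found", not "safe"; pair it with a parser that inflates streams before quarantine decisions.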
News URL
https://go.theregister.com/feed/www.theregister.com/2022/05/24/hp-pdf-phishing-malware/