Wednesday, July 7, 2010

Jul 7 CVE-2010-0188 PDF Britain intelligence service started analysis of the spy radio

CVE-2010-0188: Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

The message attachment name says "Britain intelligence service started analysis of the spy radio". Then the body says "internal info".
While it can lure in a few readers, I'd say it is a very inane attempt to get into the targeted attack business. In general, I have not seen any high-quality (zero-day, low-detection) or well-designed targeted messages that would be clearly originating in Russia (not to say they don't exist). If you did see any convincing targeted attacks that were or looked like they were from Russia and they are as good as these, please let me know. I have a few more editorial comments regarding espionage in general and targeted attacks in particular, but I should probably leave them out and let you have fun with the attachment. Let me know if you find anything extra interesting inside (M).


Download bfa67a03fd7d88b9b7ebeb5cae3cd95aac as a password-protected archive (please contact me for the password if you need it)




 -----Original Message-----
From: usadog@mail.ru [mailto:usadog@mail.ru]
Sent: Wednesday, July 07, 2010 5:56 AM
To: aa@minprom.gov.ru
Subject: Britan razvedka mi5 vstupila v rassledovanie racci shpiona

vnutr.infa.


 File Britan_razvedka_mi5_vstupila_v_ra  received on 2010.07.07 17:10:19 (UTC)
http://www.virustotal.com/analisis/d788e52e6999e1a162d04ebc9d211f1c1d6ca41636a97709b058d44ba2f70829-1278522619
Result: 15/41 (36.59%)
AntiVir     8.2.4.10     2010.07.07     EXP/Pidief.529300
Authentium     5.2.0.5     2010.07.07     JS/Pdfka.AD
Avast     4.8.1351.0     2010.07.07     PDF:CVE-2010-0188
Avast5     5.0.332.0     2010.07.07     PDF:CVE-2010-0188
BitDefender     7.2     2010.07.07     Exploit.TIFF.Gen
eTrust-Vet     36.1.7690     2010.07.07     PDF/Pidief.RV
F-Prot     4.6.1.107     2010.07.07     JS/Pdfka.AD
F-Secure     9.0.15370.0     2010.07.07     Exploit.TIFF.Gen
McAfee     5.400.0.1158     2010.07.07     Exploit-PDF.q.gen!stream
McAfee-GW-Edition     2010.1     2010.07.05     Heuristic.BehavesLike.PDF.Suspicious.O
PCTools     7.0.3.5     2010.07.07     Trojan.Pidief
Sophos     4.54.0     2010.07.07     Troj/PDFJs-II
Symantec     20101.1.0.89     2010.07.07     Trojan.Pidief.I
VirusBuster     5.0.27.0     2010.07.06     Exploit.JS.Pdfka.T
Additional information
File size: 531530 bytes
MD5   : bfa67a03fd7d88b9b7ebeb5cae3cd95a
