Wednesday, July 7, 2010

Jul 7 CVE-2010-0188 PDF Britain intelligence service started analysis of the spy radio

CVE-2010-0188 Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors

The message attachment name says "Britain intelligence service started analysis of the spy radio". Then the body says "internal info".
While it can lure in a few readers, I'd say it is a very inane attempt to get into the targeted attack business. In general, I have not seen any high quality (zero day-low detection) or well designed targeted messages that would be clearly originating in Russia (not to say they don't exist). If you did see any convincing targeted attacks that were or looked like they were from Russia and they are as good as these, please let me know. I have a few more editorial comments regarding espionage in general and targeted attacks in particular, but I should probably leave them out and let you have fun with the attachment. Let me know if you find anything extra interesting inside (M).

Download  bfa67a03fd7d88b9b7ebeb5cae3cd95aac as a password protected archive (please contact me for the password if you need it)

 -----Original Message-----
From: []
Sent: Wednesday, July 07, 2010 5:56 AM
Subject: Britan razvedka mi5 vstupila v rassledovanie racci shpiona


 File Britan_razvedka_mi5_vstupila_v_ra  received on 2010.07.07 17:10:19 (UTC)
Result: 15/41 (36.59%)
AntiVir     2010.07.07     EXP/Pidief.529300
Authentium     2010.07.07     JS/Pdfka.AD
Avast     4.8.1351.0     2010.07.07     PDF:CVE-2010-0188
Avast5     5.0.332.0     2010.07.07     PDF:CVE-2010-0188
BitDefender     7.2     2010.07.07     Exploit.TIFF.Gen
eTrust-Vet     36.1.7690     2010.07.07     PDF/Pidief.RV
F-Prot     2010.07.07     JS/Pdfka.AD
F-Secure     9.0.15370.0     2010.07.07     Exploit.TIFF.Gen
McAfee     5.400.0.1158     2010.07.07     Exploit-PDF.q.gen!stream
McAfee-GW-Edition     2010.1     2010.07.05     Heuristic.BehavesLike.PDF.Suspicious.O
PCTools     2010.07.07     Trojan.Pidief
Sophos     4.54.0     2010.07.07     Troj/PDFJs-II
Symantec     20101.1.0.89     2010.07.07     Trojan.Pidief.I
VirusBuster     2010.07.06     Exploit.JS.Pdfka.T
Additional information
File size: 531530 bytes
MD5   : bfa67a03fd7d88b9b7ebeb5cae3cd95a

No comments:

Post a Comment