This PDF file has been found to exploit CVE-2010-2883 and CVE-2010-3333 vulnerabilities in Adobe Acrobat reader.
Once successfully exploited, it leads to remote code execution in the victim’s system.
At the time of analysis we found this dll active in the system:
We also found connections attempts made to “c[xxxx]p.m[xxxx]u.com”.
Quick Heal detects it as Trojan.BHO.btgg
We suggest that users apply these patches if they are using older versions of PDF Reader:
In addition we also suggest that users:
-Do not visit untrusted websites.
-Do not click on any links or attachments in their mail.
-Do not disclose any financial or personal information asked in any of these mails.
No Comments, Be The First!