Upgrade Adobe Reader and stop Zeus

Zeus botnet continues to spread malicious code to attack many users' systems through errors in Adobe PDF files.

Many security experts have anticipated attacks that exploit vulnerabilities in Adobe PDF document format.

Zeus variants of Zeus use an embedded PDF document to attack and spread them on multiple websites or via email attachments. When the user downloads this PDF file and opens it will be asked to save a PDF file called " Royal_Mail_Delivery_Notice.pdf " but this is actually a program that will execute to hijack the victim computer.

Upgrade Adobe Reader and stop Zeus Picture 1
Email with embedded PDF file with malicious code (Photo: M86 Security)

Upgrade Adobe Reader and stop Zeus Picture 2
When opening the attached PDF file, it is required to save another PDF file but it is actually a malicious executable file (Photo: M86 Security)

Zeus is also the first large botnet to exploit malicious errors in PDF. This error does not stem from a security vulnerability, but from an Adobe-designed feature included in Adobe Reader and Acrobat.

Adobe will release a patch to fix this " abetting the enemy " feature, but the majority of popular users do not have the concept of upgrading to the latest version or using the automatic update function to prevent attacks. public.

Zeus is a malicious code (trojan) that steals sensitive information such as online banking accounts and passwords, online payments . when entering a victim's computer. They did not have as much activity on the victim computer as other trojans, instead, Zeus silently recorded the operations of online financial account login and immediately sent it to the " owner " remotely. .

Computers controlled by Zeus become " ghost computers " (zombies) controlled by hackers who own Zeus. These phantom computers create Zeus botnets in numbers up to 3.6 million " ghost computers " in the US alone, according to Trusteer data released in September 2009.

Upgrade Adobe Reader and stop Zeus

The reader should download Adobe Reader 9.3.2 immediately or turn off the / Launch feature that could be dangerous in Adobe Reader and Adobe Acrobat by going to Edit -> Preferences -> Categories -> Trust Manager -> PDF File Attachments , un- select the " Allow opening of non-PDF file attachments with external applications " section.

If you are using Foxit Reader instead of Adobe Reader, you also need to install the latest version because Foxit Reader is also threatened by this exploit.

The latest virus signature (signature) database must be updated for the security program installed on the computer and then proceed to scan the entire system. If you haven't installed any programs, check out the following free antivirus programs: AVG Antivirus, Avira AntiVir Personal, avast! antivirus Home Edition, Microsoft Security Essentials. Refer to the free utility Zeus Trojan Remover of novirusThanks.