Almost three weeks after 2010Netthreat.com reported a malicious, targeted e-mail attack that used the 2010 Soccer World Cup to entice users to open an infected PDF attachment, we can report that less than 40% of major security vendors are blocking it!
According to Symantec’s Dan Bleaken, the cyber criminals used a very fresh vulnerability in Adobe Reader to launch what is probably one of the most damaging types of Internet threat.
“A targeted attack,” he says, “takes place via e-mail and is designed to target a specific individual or organisation.
“The aim is generally to extract sensitive/valuable information which is used to gain competitive advantage, for blackmail, to harm reputations and gather intelligence.”
Bleaken confirms that at the time 2010Netthreat.com published its report (see Targeted Attack), Symantec was the only major vendor to block the attack based on results from the Virustotal agency.
“Three weeks later the agency found that just 15 out of 38 vendors surveyed were blocking this latest attack.”
Scary stuff, but, fortunately, according to Bleaken, users who have the latest version of Adobe Reader are safe.
“Updating to Adobe Reader version 9.3.1 fixes the problem (bugfix). Unfortunately, those who have not updated or are not using the right security vendor still have a problem.
“Users should make a habit of downloading the latest software updates and patches at all times, while also ensuring they use a credible security vendor to ensure hassle-free computing,” he says.