While things had been quiet, we were quite certain that the gang behind Trojan.Hydraq hadn't gone away. It looks like they are back, as we've been seeing evidence of their attacks since January, including an attack I’d like to talk about below.
A PDF malware sample exploiting a critical Adobe zero-day vulnerability was reported in the wild a few days ago. In this post we want to provide more information about this in-the-wild malware and the attack rather than the vulnerability itself.
A public report of the PDF malware seen in the wild showed a socially engineered email with the following properties:
Subject: “David Leadbetter’s One Point Lesson”
Sent date: “Monday, September 06, 2010 8:01 AM”
Attachment: Golf Clinic.pdf (MD5: 9c5cd8f4a5988acae6c2e2dce563446a)
The PDF file attached to the...