
"Such a mechanism allows the threat actor to collect user information, steal local data, perform advanced 'fingerprinting', and launch future attacks. If the target meets the attacker's conditions, the attacker may deliver additional exploit to achieve RCE or SBX."
"The first pass is basically recon. It grabs OS info, language settings, and file paths to figure out what it's landed on. If the box looks useful, it pulls a second-stage payload and runs it inside Reader."
Hackers have been exploiting a zero-day vulnerability in Adobe Acrobat Reader through malicious PDFs for several months. The exploit activates when the PDF is opened and uses obfuscated JavaScript to gather information from the target machine without requiring user interaction. Initial reconnaissance collects system details, and if the machine is deemed valuable, a second-stage payload may be executed, potentially leading to remote code execution. The targeted approach suggests the campaign is aimed at specific audiences, with early indications pointing to Russian-language content related to the oil and gas sector.
Read at Theregister
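For triage of inbound attachments, the pattern described above (JavaScript that runs as soon as the PDF is opened) can be flagged with a raw scan for auto-run action keys next to script keys. This is an added example, not code from the article or from Adobe; the function names and both sample byte strings are constructed for illustration, and a raw scan is a heuristic that cannot see names inside compressed object streams.

```python
import re

# PDF name tokens may hex-escape any character (/J#61vaScript is /JavaScript),
# so every name is decoded before it is compared.
NAME_RE = re.compile(rb"/((?:[A-Za-z0-9_.+\-]|#[0-9A-Fa-f]{2})+)")
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")

AUTO_RUN = {"OpenAction", "AA"}   # actions that fire without a click
SCRIPT = {"JavaScript", "JS"}     # embedded script
OPAQUE = {"ObjStm"}               # compressed object streams hide names from this scan


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes in a PDF name token."""
    decoded = HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")


def triage_pdf(data: bytes) -> dict:
    """Count risky name tokens and note which ones were written hex-escaped."""
    counts, escaped = {}, set()
    for match in NAME_RE.finditer(data):
        raw = match.group(1)
        name = decode_name(raw)
        if name in AUTO_RUN | SCRIPT | OPAQUE:
            counts[name] = counts.get(name, 0) + 1
            if b"#" in raw:
                escaped.add(name)   # escaping a well-known key is itself a signal
    return {
        "counts": counts,
        "escaped_names": sorted(escaped),
        "auto_run_script": bool(AUTO_RUN & counts.keys()) and bool(SCRIPT & counts.keys()),
        "needs_deeper_parse": "ObjStm" in counts,
    }


# Constructed fragments (not real samples; no script body included).
SAMPLE_SUSPECT = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >>\n"
                  b"endobj\n4 0 obj\n<< /S /J#61vaScript /JS 5 0 R >>\nendobj\n")
SAMPLE_PLAIN = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
                b"3 0 obj\n<< /Type /ObjStm /N 2 /First 10 /Length 20 >>\nendobj\n")

if __name__ == "__main__":
    for label, blob in (("suspect", SAMPLE_SUSPECT), ("plain", SAMPLE_PLAIN)):
        print(label, triage_pdf(blob))
```

A hit on `auto_run_script` is a reason to route the file to sandboxed analysis, and `needs_deeper_parse` means the file should be decompressed with a real PDF parser before a clean result is trusted.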