Date:09/10/19
Studying the vulnerabilities found, German hackers have discovered two ways of its possible use. During the practical tests they cracked 27 PC applications and web applications for reading PDF files, including Adobe Acrobat, Foxit Reader, Nitro, and built-in PDF viewer in Chrome and Firefox. In all cases they managed to retrieve data that was considered encrypted and secure.
The first type of attack using PDFex called “direct exfiltration”. It turns out that the encryption system handles not the whole PDF file, but only some part of it. But the attacker maintained access to the open parts that they can modify — for example, including the user data forwarding at the time of decoding, at a fake address.
The second type of attack is based on the use of CBC tools to spoof encrypted sites directly in the file. The aim here is to create a “mined” file, which itself will send its contents to a remote server using PDF forms or URLS. In the first and in the second case for holding PDFex-attack requires direct access to the file, or at least intercept the network traffic of the user. The vulnerability is considered critical and will be described in detail at the upcoming conference on network security ACM Conference on Computer and Communications Security.
In the PDF files found critical vulnerability that turns them into “zombies”
The encryption system of the PDF files contains a critical vulnerability, according to German experts on cyber security. We are talking about the protection built into the PDF standard, not the external encryption tools. Based on the found vulnerabilities experts have modeled the attack, which was called “PDFex”.Studying the vulnerabilities found, German hackers have discovered two ways of its possible use. During the practical tests they cracked 27 PC applications and web applications for reading PDF files, including Adobe Acrobat, Foxit Reader, Nitro, and built-in PDF viewer in Chrome and Firefox. In all cases they managed to retrieve data that was considered encrypted and secure.
The first type of attack using PDFex called “direct exfiltration”. It turns out that the encryption system handles not the whole PDF file, but only some part of it. But the attacker maintained access to the open parts that they can modify — for example, including the user data forwarding at the time of decoding, at a fake address.
The second type of attack is based on the use of CBC tools to spoof encrypted sites directly in the file. The aim here is to create a “mined” file, which itself will send its contents to a remote server using PDF forms or URLS. In the first and in the second case for holding PDFex-attack requires direct access to the file, or at least intercept the network traffic of the user. The vulnerability is considered critical and will be described in detail at the upcoming conference on network security ACM Conference on Computer and Communications Security.
Views: 524
©ictnews.az. All rights reserved.Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World