Zeus botnet jumps on PDF design flaw

Attackers have begun exploiting a design flaw in Adobe's PDF format to spread the Zeus botnet, only days after the publication of a proof-of-concept exploit for the flaw, according to security researchers.

On Wednesday, researchers at M86 Security said they had discovered emails claiming to originate from Royal Mail with PDF attachments exploiting the flaw. The attachment attempts to run an executable file that installs the Zeus Trojan on a user's system.

Zeus attempts to steal banking information by logging a user's keystrokes. It also attempts to make a user's system part of the Zeus botnet.

M86 said the email includes a PDF, which in turn contains an attachment that appears to be another PDF file.

"This attachment is actually an executable file and, if run, will install the Zeus bot," M86 said in an advisory. The executable targets Windows systems.

Read more -here-

• Tesla kills the $16,000 Cybertruck range extender
• Cue: Apple will add AI search in mobile Safari, challenging Google
• Sonos and Ikea are ending their partnership
• Skype shuts down after more than 2 decades
• Ireland fines TikTok 530 million euros for sending EU user data to China
• Xbox consoles, controllers, and games are getting more expensive