Despite being one of the most popular and widely used formats in the world, many experts have been warning for years of the dangers of using documents in PDF format due to its great security problems. In 2009, Adobe’s system for reading these documents, Adobe Reader, was already considered “the most insecure and ‘hacked’ ‘software’ of the year” and in this time things have not changed much.
Although this great versatility is extremely useful, it is also maliciously exploited by cybercriminals, who use these types of files as one more means to infect their targets and the first thing we must understand is that this format is composed:
▸Header
It is at the beginning of the file and contains only the version of the PDF specification that you use.
▸Body
It contains all the objects (texts, images, etc.) that make up the document.
▸Cross-Reference table
It contains the position where each of the objects is located in the internal structure of the file (the address in the binary). This is useful so that it is not necessary to go through the entire document to find a point object.
▸Trailer
Contains the position where the xref table begins and then the end-of-file indicator:% EOF.
When analyzing them for malicious elements, it is essential to analyze the body section, since it is the one that contains the objects and, in case the documents are very large, we can take advantage of the XRef table to find those objects more quickly.
It is important that users are protected to avoid being victims of this type of attack. In this case we have seen vulnerabilities in PDF files, but it can occur in any other document or program that we use. Cybercriminals can access the system through a wide variety of methods.
Something basic is to keep the equipment updated. We must always have the latest versions to be able to correct problems that are exploited by hackers and that put our privacy and security at risk. But it is also interesting to have security programs. A good antivirus can prevent threats from entering our system. This way we can be protected and maintain the reliability of our devices at all times.
However, the most important of all that common sense. We must avoid making mistakes such as downloading a malicious file by email, installing software from third-party sources that are insecure, or logging in from links we should not trust.
Check also:
Macro Malware threats designed to fool the victims
Frauds by Email wich you should know
