Adobe vulnerability being used to attack defence industry

By Stuart Sumner
09 Dec 2011 View Comments
Adobe headquarters in San Jose

The vulnerability in Adobe Acrobat and Reader discovered earlier week is being used to install malware onto enterprise machines.

The malware, Sykipot Trojan, has been used to exploit previous Adobe vulnerabilities.

Further reading

Researcher Brandon Dixon wrote on security blog 9b+ that the exploit crashed his open Adobe programme and instead opened up a new file. It was this file that pointed to an attack on a large US defence contractor.

"Using Adobe Reader 9.4.6, the PDF was executed resulting in a crash and opening of a new document. This new document is a survey geared towards defense contractor ManTech," wrote Dixon.

The malware then attempts to make several registry changes and contacts an external URL. It is then likely to download further malicious code and assume control of the machine.

There has also been speculation this week that UK defence contractor Lockheed Martin had fallen foul of the vulnerability, as it was thanked by Adobe for notifying it of the breach.

However, the firm has since denied it has suffered any breach.

"We did not experience a cyber breach or intrusion resulting from the Adobe Reader vulnerability, and our information systems remain secure," a spokesperson told Computing.

He added that the breach was discovered by the firm's new Security Intelligence Centre, based in Farnborough, UK.

"Our advanced cyber analysis and intelligence team at the Lockheed Martin Security Intelligence Center routinely identifies and blocks malware attempting to exploit vulnerabilities in software applications such as Adobe Reader and, as is our standard practice, we report any findings to the developer.

"In this case, Adobe recognised us for identifying this vulnerability."

Reader comments
blog comments powered by Disqus
Newsletters
Is it time to open Windows?

Computing believes that Microsoft will start offering Windows free of charge by 2017. Is this a good thing for the enterprise?

54 %
16 %
7 %
20 %
3 %