Malicious PDFs have become familiar features on the threat landscape, in no small part due to the popularity and ubiquity of Adobe Reader and Acrobat.
In a new report, researchers at Symantec took a deep look at how malicious PDF attacks hit users. According to Symantec, in the span of a year, the United States was the favored country to attack with PDF malware. In January, 59 percent occurred in the U.S., researchers found.
“Attackers use a variety of different channels to deliver malicious PDF files,” according to the report. “The threat landscape is dominated by three main channels, which are mass-mailing, drive-by downloads, and targeted attacks.”
“We have seen an ever increasing use of PDFs for malicious purposes over the past two years,” blogged Fred Gutierrez, threat analyst for Symantec Security Response, who co-authored the report. “During this time, we have tracked the growth and usage and have been constantly improving our detections to handle the different evolutions of these threats. We see new vulnerabilities related to PDF readers discovered on a regular basis, often being exploited in-the-wild before a patch is available.”
The report can be downloaded here (PDF).