![malicious pdf sample](https://i1.wp.com/gbhackers.com/wp-content/uploads/2017/04/pdf5-copy.jpg)
Windows-based malware variants have been using the same sort of techniques for hiding themselves for a long time now. They often use common file extensions such as DOC, PDF, XLS and others to entice users into opening the malicious file. In some cases, the malware may not have the proper icon to go along with the fake file extension, as is the case with the Mac OS X Revir.A malware that F-Secure identified.
The new piece of malware hides inside a PDF file and delivers a backdoor that hides on the user’s machine once the malicious file is opened. Once the user executes the malware, it puts the malicious PDF on the user’s machine and then opens it as a way to hide the malicious activity that’s going on in the background, according to an analysis by researchers at F-Secure. The Trojan then installs the backdoor, which is named Imuler.A, which attempts to communicate with a command-and-control server. That server isn’t capable of communicating with the malware, however, the researchers found, so the malware is on its own once it’s installed on a victim’s machine. What’s not clear is exactly how the malware is spreading right now.

“This malware may be attempting to copy the technique implemented by Windows malware, which opens a PDF file containing a “.pdf.exe” extension and an accompanying PDF icon. The sample on our hand does not have an extension or an icon yet. It is slightly different in Mac, where the icon is stored in a separate fork that is not readily visible in the OS. The extension and icon could have been lost when the sample was submitted to us. If this is the case, this malware might be even stealthier than in Windows because the sample can use any extension it desires,” the analysis by F-Secure said.
![malicious pdf sample](https://securityxploded.com/images/malicious-pdf-PDFStreamDumper-2.jpg)
Malware that targets Mac OS X isn’t anywhere near catching up to Windows-based malware in terms of volume and variety, but it seems that OS X malware may be adopting some of the more successful tactics that Windows viruses have been using to trick users. Researchers have come across a sample of an OS X-based Trojan that disguises itself as a PDF file, a technique that’s been in favor among Windows malware authors for several years now.