F-Secure: Olympic E-mails Deliver Malware

F-Secure researchers are warning of a spam campaign that delivers a malicious PDF file promising information on the schedule for the upcoming London 2012 Olympic Games.

"A typical PDF exploit will launch a clean decoy as part of its attack, and in this case, the decoy is a copy of the London 2012 Olympic schedule circa October 2010," F-Secure researcher Sean Sullivan wrote in a blog post. "The original source PDF can still be found online at london2012.com."

"Sullivan said the PDF exploits CVE-2010-2883 in the Cooltype.dll file in Adobe Reader and Acrobat version 9.x before 9.4 and 8.x before 8.2.5, on both Windows and Mac OS X operating systems," writes The Inquirer's Lee Bell.

"In the background, the exploit attempts to connect to a Chinese domain, which was likely serving malware at one time, or has not yet started doing so," writes Help Net Security's Zeljka Zorz. "The researchers point out that unsolicited emails that use current events to engage users are more often than not malicious, and urge users to keep their Adobe Reader always up to date."

The attack uncovered by F-Secure is just one of many targeting fans of the Olympics. As InformationWeek's Mathew J. Schwartz notes, a recent bulletin [PDF file] from the U.S. Department of Homeland Security warned of a wide range of other cyber threats tied to the event, including SEO poisoning, phishing attacks, and fake mobile apps.