Trusteer says its prediction on Adobe PDF attack has come true
LONDON, 16th April, 2010 - As predicted last week by Trusteer (http://bit.ly/bDVf7W), a new variant of the Zbot/Zeus trojan has now arrived, embedded in an Adobe PDF file.
Online, April 16, 2010 (Newswire.com) - LONDON, 16th April, 2010 - As predicted last week by Trusteer (http://bit.ly/bDVf7W), a new variant of the Zbot/Zeus trojan has now arrived, embedded in an Adobe PDF file.
And, says Mickey Boodaei, CEO with the browser security and fraud prevention specialist, this week's warning by fellow security vendor Websense shows how quickly cybercriminals are exploiting these types of security issues.
"Just as a virus and malware prevention industry had to move swiftly to counter the so-called zero-day security threats as they started arriving around five years ago, so the industry must ratchet up its protection strategy once again to meet this expanded threat," he said.
"We said last week that cybercriminals and hackers will try to exploit this structural Adobe issue using social engineering techniques, which lure Internet users into a false sense of feeling safe and that is exactly what has happened this week," he added.
According to Boodaei, many of today's IT security solutions - such as antivirus and personal firewalls - rely on Internet users to make the right choice.
The problem is, he explained, that the applications present users with technical messages that are hard to understand and expect users to decide what to do with them.
"Acrobat Reader works in a similar fashion by expecting Internet users to understand the security implications of running an embedded file," he said, adding that most users simply look for the easiest and quickest way of getting something done.
"They don't stop to think if every step they make is a reasonable behaviour," he said.
Judging from the speed with why cybercriminals moved to exploit the Adobe PDF security issue, the Trusteer CTO says that it is now down to Internet users to take pro-active steps to protect their Internet surfing, and heed the advice of the growing number of financial plus allied Web sites to enhance their security.
The good news, he went on to say, is that a growing number of Web sites are now offering excellent security enhancement software - free of charge - that augments users' existing anti-virus and IT security applications.
"Applications like our own Rapport browser security layer (http://bit.ly/aRw8sj), which is offered as a free download by banks such as HSBC, RBS/NatWest and the Santander Group can play a key part in making users' Internet sessions more secure," he said.
"Protecting your online interests clearly involves users taking a multi-layered approach to their security. We hope our warning of last week will have helped a sizeable number of online users prevent this Adobe PDF security issue from spoiling their day and causing problems with their online financial services," he added.
For more on the Websense security threat alert: http://bit.ly/a0RgJv