Malware masked as textbooks and essays (kaspersky.com)
eyegor 1461 days ago [-]
And this is why allowing scripts/embedded executable files in document formats has always been a bad idea. There's always someone who will mess it up. Luckily there are some tools for sanitizing documents, such as dangerzone for pdf [0]. But I wish there were standardized docx/pptx/odf/odp with zero scripting capabilities.

[0] https://github.com/firstlookmedia/dangerzone/blob/master/REA...

blue1 1461 days ago [-]
If I understand the description correctly, dangerzone completely rasterizes the pdf. This seems pretty drastic. Isn't there some tool that just checks the PDF or removes the scripting, without having to install a commercial antivirus software?
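One way to do the lightweight check asked about above, as an added example that is not part of the thread or of dangerzone: a byte-level scan for PDF dictionary keys that trigger or carry active content, with `#xx` name escapes decoded first. The key list and the sample byte strings are assumptions chosen for illustration; the scan only sees uncompressed objects, so it reports "inconclusive" when object streams are present.

```python
import re

# PDF dictionary keys that trigger or carry active content (assumed list).
ACTIVE_KEYS = {"JavaScript", "JS", "OpenAction", "AA", "Launch", "EmbeddedFile", "XFA"}
# A name is "/" plus regular characters; "#xx" is a hex-escaped byte.
_NAME = re.compile(rb"/((?:[^\x00\t\n\x0c\r ()<>\[\]{}/%#]|#[0-9A-Fa-f]{2})+)")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes so /J#61vaScript compares equal to JavaScript."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def scan_pdf(data: bytes) -> dict:
    """Count active-content keys visible in the uncompressed bytes of a PDF."""
    # Lenient readers accept the header anywhere in the first 1024 bytes.
    report = {"is_pdf": b"%PDF-" in data[:1024], "active": {}, "opaque": False}
    for match in _NAME.finditer(data):
        name = decode_name(match.group(1))
        if name in ACTIVE_KEYS:
            report["active"][name] = report["active"].get(name, 0) + 1
        elif name == "ObjStm":
            # Object streams hold compressed objects this byte scan cannot see.
            report["opaque"] = True
    return report


def verdict(report: dict) -> str:
    if not report["is_pdf"]:
        return "not-a-pdf"
    if report["active"]:
        return "active-content"
    return "inconclusive" if report["opaque"] else "no-active-content-found"


# Constructed sample inputs (fragments for illustration, not complete PDFs).
SCRIPTED = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
            b"2 0 obj\n<< /S /J#61vaScript /JS 3 0 R >>\nendobj\n")
PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
PACKED = b"%PDF-1.5\n5 0 obj\n<< /Type /ObjStm /N 3 /First 20 >>\nstream\nx\x9c\nendstream\n"
NOT_PDF = b"MZ\x90\x00\x03\x00\x00\x00"

if __name__ == "__main__":
    for label, blob in [("scripted", SCRIPTED), ("plain", PLAIN),
                        ("packed", PACKED), ("not_pdf", NOT_PDF)]:
        print(label, verdict(scan_pdf(blob)), scan_pdf(blob)["active"])
```

A hit means the file deserves a closer look or a sanitizing pass; a clean result on a file without object streams only says that none of the listed keys appear in plain bytes.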
saagarjha 1462 days ago [-]
> As it turns out, over the past academic year, cybercriminals targeting the field of education tried to attack our users more than 356,000 times. Of these, 233,000 cases involved malicious essays downloaded to computers owned by more than 74,000 people. Our solutions blocked them, of course.

Note that you can only detect malware you block. Successful malware bypasses detection…

leoh 1461 days ago [-]
I have been concerned that scihub and libgen could be distributing viruses via 0-days in PDFs.
LeoTinnitus 1461 days ago [-]
I have always been concerned about that as well. Although aren't you somewhat safe depending on if you only open it with the corresponding pdf software? I thought the "only" vulnerability was the software it's used with and if you double click it or not.
meowface 1461 days ago [-]
Yes, though theoretically a single PDF could contain multiple exploits for multiple different PDF reader programs, I believe. Not sure if that's ever actually been observed, but it seems plausible in theory.

Most people use Adobe Acrobat, though, I think, so a PDF exploiting an Acrobat zero-day can be safely assumed to be pretty effective.

peter_d_sherman 1461 days ago [-]
I can picture the 22nd Century...

Shakespeare, and other great works of classic literature... are now classified as "malware"...

Essays (like those of Emerson, Voltaire or Thoreau) are now classified as "malicious essays"...

And, much like a box of Cracker Jack, or bottle of Tequila, you get a free "surprise" with each one... you get a free worm... (well, it's a computer worm... but same difference...)

Well two things are for sure in this "Brave New World" (a book which is also banned by the way!)...

1) Computer virus protection companies will never go bankrupt, and

2) Perhaps old-fashioned, printed on physical paper, virus-free (well, computer-virus free, not necessarily "mind-virus" free!) books (in addition to actual education) will make a comeback!

I am not holding my breath for this, however...

(Disclaimer: I am kidding about most of the things I said above...)

phendrenad2 1461 days ago [-]
Seems like most aren't PDF reader exploits, but are things masquerading as PDF files (links to open IE to an exploit site, exes with a PDF icon, etc.)

This is an area where antivirus software like Kaspersky shines - noticing things that are "obvious" that a user might nevertheless not notice 100% of the time.

malwalert1 1462 days ago [-]
The site academia.edu seems to be a big part.

It baffles me how widespread this is.

skylarchunk 1461 days ago [-]
Hm, what about malware masked as ZOOM? ;-)
bigbird-media 1462 days ago [-]
Summary:

Over the past academic year, cybercriminals targeting the field of education tried to attack our users more than 356,000 times. English textbooks were the most common malware hiding place K–12 students encountered, with 2,080 attempted downloads.
