PDF malware crashes into October 2007's top virus charts

IT security and control firm Sophos has revealed the most prevalent malware threats and countries causing problems for computer users around the world during October 2007.

The study, compiled by Sophos's global network of monitoring stations, has shown that a new Trojan horse, PDFex, that is typically spammed out in email messages with an infected Adobe Acrobat PDF attachment, has smashed its way into third position in the chart.

The Trojan was widely spammed out in an attack during the last few days of October, taking advantage of an unpatched Windows vulnerability to infect innocent PCs.

"PDFex only started to circulate at the very end of the month, but still managed to account for over 13 percent of all emailed malware during October. It was heavily spammed out between 26-28th October, and during that period, it accounted for a staggering two thirds, or 66 percent, of all malware spread via email," said Carole Theriault, senior security consultant at Sophos.

"PDFs have long been used in business as a means of sharing information, so the social engineering trickery of using a PDF puts insufficiently protected businesses at risk. Adobe have issued an update to their Acrobat software that fixes the problem, and eyes are now turned to Microsoft to patch the underlying flaw in Windows which could also affect other vulnerable applications such as Skype and Firefox."