I just came across the slides for a presentation given by Julia Wolf, a senior researcher with FireEye. I only have the slides, unfortunately, but they are a fairly good technical summary of the basic details of the PDF format and how it can be hacked.

From the summary:

PDFs are currently the greatest vector for drive-by (malware installing) attacks and targeted attacks on business and government. A/V technology is extraordinarily poor at detecting these. The PDF format itself is so diverse and vague, that an A/V would need to be 100% bug-compatible with the parser in the vulnerable PDF reader.

You can also do cool tricks like make a single PDF file that displays completely differently in several different readers.

If this presentation doesn't scare you then trust me, it should.

slides (PDF)

27C3 Update: The video of the presentation has been uploaded to YouTube.

P.S. Note that the slides are a PDF and the presentation is on PDF hacking. I find that amusing, don't you?

About Nate Hoffelder (9946 Articles)

5 Comments on 27C3 – OMG WTF PDF

  1. Essentially it means that not only are PDFs not really ebooks, they have long since stopped being documents and are properly seen as self-executing software targeting the Acrobat runtime environment. (Or equivalents.)
    And people routinely execute these things on their computers and printers with nary a thought of where they come from and what’s in them.
    Maybe *that* is where Skynet comes from.
    We really *are* all doomed. 🙂

  2. I am building my firewall as we speak….that is right, a Wall of Fire to protect me from the machines!

  3. Great information. Even the Google hack in China was done using a PDF vulnerability.

  4. The video recording is now available and you can also view it at YouTube: http://www.youtube.com/watch?v=54XYqsf4JEY
