Authors:
Julian Lindenhofer; Rene Offenthaler and Martin Pirker
Affiliation:
Institute of IT Security Research, University of Applied Sciences St. Pölten, Austria
Keyword(s):
PDF Documents, Malware, Malicious PDFs, Security.
Abstract:
The storage, modification and exchange of digital information are core processes in our internet-connected world. Common document formats enable this digital information infrastructure. More specifically, the widely used PDF document format is a commodity container for digital information. Although PDF files are a well-established format, users may not know that they contain not only simple textual information, but can also embed pieces of program code, sometimes malicious code. This paper explores the capabilities of the PDF format and the potential of its built-in functions for malicious purposes. PDF file processors that implement the full PDF standard also potentially enable credential phishing, loss of privacy, malicious code execution and similar attacks via PDF documents. Furthermore, this paper discusses the results of practically evaluated, working code snippets of PDF feature misuse and strategies to obfuscate and hide malicious code parts in a PDF document, while still conforming to the PDF standard.