.. /.Pdf

Phishing
Exploit
Script
Native
Double Click

Author:

mr.d0x

Description:

PDF or Portable Document Format is used to share read-only documents. They are constantly used by attackers in phishing attacks. Exploits for PDF readers such as Adobe are also common. PDF also supports a JavaScript API which can be used to gather information about the user opening the file.

OS:

Windows
Mac
Linux

Recommendation:

Ensure the latest version of the PDF viewer (e.g. Adobe) is always installed.

Resources:

https://opensource.adobe.com/dc-acrobat-sdk-docs/acrobatsdk/pdfs/acrobatsdk_jsapiref.pdf
https://unit42.paloaltonetworks.com/phishing-trends-with-pdf-files/

File Samples:

Contributions: