Targeted attacks on Google, Yahoo, Adobe and other companies

On Tuesday, 13th of January, Google announced that their security experts detected targeted attacks on Google's employees. The attackers successfully gained access to sensitive data about certain users of the Gmail service provided by Google. The attacks were carried out in second half of December last year and, according to a report by iDefense, attackers used malicious PDF documents to exploit client machines. The malicious PDF documents were sent as e-mail attachments.

Exploitation of vulnerabilities in the Adobe Reader and Acrobat applications became very common in last couple of years due to a high number of identified vulnerabilities in these products. Infigo's security researcher Bojan Ždrnja published several analysis of malicious PDF documents on SANS' Internet Storm Center website; the analysis can be seen at the following URLs: http://isc.sans.org/diary.html?storyid=7867 and http://isc.sans.org/diary.html?storyid=7984. It is assumed that similar malicious PDF documents were used in published attacks.

Google also announced that they detected attacks on over 30 other companies and that the attackers, which are suspected to come from China, managed to gain access to sensitive intellectual property such as application source code. INFIGO IS is urging customers to install the latest available patches for the Adobe Reader and Acrobat applications and to disable JavaScript in these applications as well.