The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

pdf virus

Discussion in 'E-mail Discussions' started by abubin, Jul 30, 2007.

  1. abubin

    abubin Well-Known Member

    Joined:
    Dec 7, 2004
    Messages:
    393
    Likes Received:
    1
    Trophy Points:
    18
    hi,

    anyone know how to handle those new strain of virus embedded in pdf files?

    My mailscanner+spamassassin+clamav is unable to detect this as virus or spam and it got through to my users. The users antivirus, nod32 also failed to detect that as virus. Sadly, users went and open this file and got infected.

    Is there anyway to fight this virus?

    I found this link http://blog.atmail.com/?p=61 but it only deals with pdf spams. Any solution to this problem besides just outright banning all pdf files?

    Thanks in advance.
     
  2. jerrybell

    jerrybell Well-Known Member

    Joined:
    Nov 27, 2006
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    I suspect that the virus is not actually being delivered as a pdf - mostly it used some trickery to make the end user think it was a pdf file. I suspect you have find a virus that simply isn't covered by clamav yet.

    It's also possible/likely that the clamav that cpanel uses does not support the signature that is needed. Clamav on my servers is at 0.90.2, and the latest version is 0.91.1, so it's a few revs behind. While the pattern files may update, the that the engine isn't updating also may cause the problem.
     
  3. abubin

    abubin Well-Known Member

    Joined:
    Dec 7, 2004
    Messages:
    393
    Likes Received:
    1
    Trophy Points:
    18
  4. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    Good deal - it'll only affect Adobe Acrobat, not Adobe Reader. And if it nails a million copies of Adobe Acrobat and causes those people to have to rebuild their systems and possibly _not_ use Acrobat in the future, the world will be a much nicer place.

    Mike
     
  5. SageBrian

    SageBrian Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    415
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    NY/CT (US)
    cPanel Access Level:
    Root Administrator
    And what would you suggest people use to create, edit and manage PDFs?

    Are you anti-Adobe, or anti-PDF?
    I'm just curious what the alternatives are for PDF.

    Brian
     
  6. jerrybell

    jerrybell Well-Known Member

    Joined:
    Nov 27, 2006
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    I wouldn't mind having a copy. BTW, this link is from 2001.

    The "virus" was actually an exploit of a vulnerability in acrobat. Over the years, there have been many vulnerabilities found in acrobat, and some of them were wormed. I wasn't aware of a new one, though.

    Possibly, it's an old version of acrobat...
     
  7. abubin

    abubin Well-Known Member

    Joined:
    Dec 7, 2004
    Messages:
    393
    Likes Received:
    1
    Trophy Points:
    18
    I am not sure if it's old news or not but it definitely only started to show for the past couple of weeks. I think it's more of a new kind of virus. It's definitely a .pdf file. Not like double extension kind with hidden executable file or something else.
     
  8. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,466
    Likes Received:
    196
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I'm pretty sure the latest round of this is simply more spam. If you're sure your computer is secure, open it and have a peek. If you're not, don't. of course...
     
  9. velda

    velda Well-Known Member

    Joined:
    Aug 24, 2005
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Utah
    I'm not that guy so I can't speak for him, but I can speak for myself. PDFs are fabulous but you do not need Acrobat to make them. You can use cutepdf, open office, .. you can upload any old document to googledocs and export it as a pdf .. so many options, so little cost ;)
     
Loading...

Share This Page