PDF CVE-2013-0640 Vulnerability Exploited in MiniDuke, Zegost, PlugX Malware Campaign Attacks

Computer security experts have uncovered a number of Advanced Persistent Threat (APT) campaigns that rely on Adobe Reader vulnerabilities to distribute malware. One particular exploit, for the CVE-2013-0640 vulnerability in Adobe Reader, has been used in various campaigns, such as MiniDuke, Zegost, and PlugX.

MiniDuke is a malware threat known to have been used in the past in targeted attacks specifically against European government institutions. Targeted Adobe Reader PDF files have also been used for payload-drop attacks in a Zegost attack, which is not directly related to the MiniDuke exploitation. A series of malicious PDFs has also been identified in PlugX campaigns, a component once utilized in a new rash of a Remote Access Tool, also known as Korplug.

Various versions of malicious PDF files have been dropped on computers around the world, each belonging to a completely different campaign. The campaigns range across MiniDuke, Zegost and PlugX.



These APT campaigns are highly targeted. Some of the specific regions affected are Japan, South Korea and India. Experts researching the recent APT campaign exploits that use Adobe Reader have been led to discover that each attack used its own method to exploit the same vulnerability.

There has been a noticeable increase in the number of malicious PDFs exploiting the CVE-2013-0640 vulnerability, which demonstrates the recent APT behavior. Malicious Microsoft Word documents are no longer being used to exploit the older, widely used CVE-2012-0158 vulnerability. It seems the cybercrooks have moved on to explore much more complex and aggressive infrastructures to exploit systems, all using APT methods with the help of various MiniDuke, Zegost and PlugX campaigns.
