1 Reply Latest reply on Jan 21, 2010 6:12 PM by ~graffiti

    How do I know if I clicked on a PDF exploit?

    tservo2010

      Yesterday a family member was on facebook. Somehow there was a pop up something about explorer needing to close. The family member being smart used task manager to close out.

       

      However, another family member not so smart went into the history, and clicked on a history item,  something like

      rysbabyc  or some such weird looking thing, which took them to www. getsabout .com ( I spaced out the name here so nobody would accidentally click on it) The web page looked like an adobe reader format page, you know like when you open something with adobe reader. However there was no contnet within what looked like a ADOBE Reader document outline

       

      Anyway they realized something was strange so they immediately clicked off the page. I did not want to recreate that so I did not click on it to further explore what they saw

       

      But I did some research and  I came to find out that that webname (www. getsabout .com) was just "created" on 1/20/10 So I'm pretty sure this is some kind of malicious activity. I have further found out that it may be some activity from Russia which used PDF exploits.

       

       

      luckily we have ADOBE reader version 9.3

      I have since run scans with my Norton ,SpyBOT, and Malwarebytes. all come up clean. I notice no funky behavior of the computer. I even rebooted and  boot up went fine. Ran the aforementioned scans again after boot up, again all clean

       

      So my questions

       

      1.So does this sound like it may have been a malicious page?

       

       

      2.  if it were a PDF exploit, would it show some contnet on the screen?

       

       

      3. The fact that the page was a pdf format with no content shown mean that maybe the new features of ADOBE Readerer version 9.3 blocked malicious content?

       

       

       

      4. Does it appear that despit stupid behavior on family member's part, we came away unscathed,THIS time?

        • 1. Re: How do I know if I clicked on a PDF exploit?
          ~graffiti Adobe Community Professional & MVP
          1.So does this sound like it may have been a malicious page?

           

           

          2.  if it were a PDF exploit, would it show some contnet on the screen?

           

           

          3. The fact that the page was a pdf format with no content shown mean that maybe the new features of ADOBE Readerer version 9.3 blocked malicious content?

           

           

           

          4. Does it appear that despit stupid behavior on family member's part, we came away unscathed,THIS time?

          1. Possiblt. Or at least a poorly constructed one. Either way, I wound't go back

           

          2. Not particularly

           

          3. 9.3 is supposed to have patched this vulnerability

           

          4. Sounds like you got lucky yes.