Attackers have begun exploiting a design flaw in Adobe Systems' PDF format to spread the Zeus botnet, only days after the publication of a proof-of-concept exploit for the flaw, according to security researchers.
On Wednesday, researchers at M86 Security said they had discovered e-mails claiming to originate from Royal Mail with PDF attachments exploiting the flaw. The attachment attempts to run an executable file that installs the Zeus Trojan on a user's system.
Zeus attempts to steal banking information by logging a user's keystrokes. It also attempts to make a user's system part of the Zeus botnet.
Read more of "Zeus botnet jumps on PDF design flaw" at ZDNet UK.