Fake scanned documents lead to Zeus infection
A new spam e-mail campaign is currently underway, and takes the form of a document scanned and sent by a Xerox WorkCentre Pro scanner:
The attachment is a specially crafted PDF document, warns BitDefender, and is able to exploit four Adobe Acrobat Reader vulnerabilities – all of which can be used by an attacker to remotely execute arbitrary code on a vulnerable system.
In this case, the ultimate goal of the people behind this spam campaign is to spread the credentials-stealing Zeus Trojan.
Not a lot of people are aware of the fact that printers are able to send scanned documents via e-mail and hopefully that will make them suspicious.
Unfortunately, a quick search on the Internet will reveal to them that this is possible, and that fact might generate a completely different effect – especially if the e-mail is coming from a compromised e-mail address of someone they know.