PDF files are everywhere these days. This document format is the best option we have when sending any piece of writing to other people. Not only can it guarantee that the document has not been modified, it also guarantees that there will be no style problems, font changes or anything of the kind. However, despite being very useful, it is also a very dangerous format, as hackers often resort to it to easily infect their victims’ computers.
Just as Word and Excel documents can be used to distribute malware through the use of macros, similar techniques are used with PDFs to compromise user security.
There are several ways to abuse this document format. The first is by using an exploit: the hacker knows of a vulnerability in Adobe Reader, or any other reader, and hides the exploit inside the document. When we open the document with the PDF reader, the exploit is triggered and manages to execute malicious code on the computer. The second technique is similar. Hidden inside the document is a script (similar to a Word macro) that has two possible goals: either to download and run malware from an external site, or to load malware hidden even deeper inside the PDF.
Trust: the biggest mistake
We are used to malware arriving in binary formats, such as .exe, .com, or other formats ready to be run on the PC. Therefore, when we see a PDF file, we usually trust it and open it without worrying about what might be inside. That is a serious mistake.
If we have downloaded PDF documents from the Internet, or received them by email, then unless they always come from trusted sources (reliable websites, contacts in our address book, etc.), they most likely hide some kind of threat.
It is true that, to be infected with malware, the PC has to be unprotected and the reader out of date. In addition, we would have to disable the protection measures that PDF readers usually ship with by default. However, there are many ways to trick us into disabling these security measures, and so we can still put ourselves in danger.
What to do if I have opened a PDF
If we have opened PDFs without worrying about possible dangers, there is no need to panic either. As long as we have a good antivirus installed on the computer and the PDF viewer (such as Adobe Acrobat Reader) updated to the latest version, they almost certainly could not have infected us. But there is always that possibility.
In this case, what we have to do is run a complete scan of our PC for threats with the antivirus installed on the computer. We can also use a program called Process Explorer to check each and every process loaded in the PC’s memory against VirusTotal, and so know for sure that the PC is clean and has no malicious code running.