Hackers used rigged PDFs to hit Google -- and Adobe, says researcher
Adobe confirms attack against its network linked to Google's
Computerworld - Adobe today confirmed that the cyberattack that hit its corporate network earlier this month was connected to the large-scale attacks Google cited yesterday as one reason it might abandon China.
Meanwhile, some researchers have hinted, and others have claimed, that the attacks against both Google and Adobe were based on malicious PDFs that exploited a just-patched vulnerability in Adobe's popular Reader software.
Adobe is the first company to step forward after Google announced yesterday that the attacks were aimed at accessing Gmail accounts of human rights activists.
"We are still in the process of conducting our investigation into the incident," said Wiebke Lips, Adobe's senior manager of corporate communications, in an e-mail reply to questions today. "[But] It appears that this incident and the one Google announced earlier are related."
Yesterday, Google and Adobe acknowledged that their company systems had been struck by what both firms characterized as "sophisticated" attacks. Google added that it believed the attacks against its network, which took place last month, originated in China.
Google claimed that some of its intellectual property was stolen in the attack, and added that another aim of the assault was to access the Gmail accounts of Chinese human-rights activists. The California-based search firm cited the latter, as well as ever-more-restrictive rules ordered by the Chinese government, in its decision to review its business in the country.
If the Chinese do not allow Google to run its Chinese search engine unfiltered, the company may pull out of the lucrative market.
Adobe also admitted yesterday that it had been targeted by attackers. "Adobe became aware on January 2, 2010 of a computer security incident involving a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies," the company said in a Tuesday statement posted on its company blog. "At this time, we have no evidence to indicate that any sensitive information -- including customer, financial, employee or any other sensitive data -- has been compromised."
Security researchers hinted earlier today that the attacks against Google, Adobe and dozens of other major firms were conducted using malicious PDFs that exploited one or more vulnerabilities in Adobe Reader. Analysts at Verisign's iDefense security group told Robert McMillan of IDGNews today that hackers had launched targeted attacks using a malicious document attached to e-mail messages.
While iDefense did not identify rogue PDFs as the malformed documents, its researchers claimed that the attachments exploited a "zero-day" -- a vulnerability that had not yet been patched -- in a "one of the major document types," a definition that certainly fits Adobe's PDF format.
Only yesterday did Adobe patch a zero-day in Reader. The bug had been publicly known since mid-December, and used surreptitiously by hackers for at least several weeks before that.
Web giants attacked
- White House orders security review in wake of WikiLeaks disclosure
- Leaked U.S. document links China to Google attack
- Update: Researchers track cyber-espionage ring to China
- Google, China now playing cat and mouse?
- McAfee: 'Amateur' malware not used in Google attacks
- Military warns of 'increasingly active' cyber-threat from China
- China: Google 'totally wrong' to stop censoring
- Update: Google stops censoring in China
- Google's China ad partners wait in 'incomparable pain'
- Google may soon leave China, reports say
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Knowledge Center White Papers | Webcasts