PDF and Flash files under threat from cryptic code

PDF and Flash files are under attack by criminals using code obfuscation' and the latest Web 2.0 techniques, according to a report by Finjan.

The new report claimed that malicious obfuscated code' - meaning source code or intermediate code which is very hard to read or understand - has now evolved into a serious threat.

It looked at examples where obfuscated code had not only been embedded in HTML web pages on legitimate websites, but also in rich-content files thanks to the use of JavaScript.

"Since JavaScript is the most-used scripting language for communication with web browsers, third-party applications such as Flash players, PDF readers and other multimedia applications have added support for JavaScript as part of their application," said Yuval Ben-Itzhak, chief technology officer of Finjan.

Ben-Itzhak said this offered crimeware authors ways to inject malicious code into rich-content files used by ads and user-generated content for Web 2.0 websites.

Obfuscated code has been around a while; it has been reportedly been used since 2005 as a weapon for propagating malicious code. It was able to bypass the traditional signature-based solutions which had been used by security vendors.

Finjan claimed code obfuscation utilities and other encoding methods allowed cybercriminals to plant invisible' malicious code, which infected a user's machine every time they visited the malicious site.

Last year IT PRO looked at the threat provided by dynamic code obfuscation'.