PDF files despite being coated with added encryption could be hacked very easily, team academics have found
The new attack, called PDFex, comes in two nuances and in testing, it was succeeded in being able to hack data from PDF files in 27 desktop and web PDF readers including Adobe Acrobat, Foxit Reader, Nitro and from Chrome and Firefox’s in-built PDF viewers.
pdf doesn’t in fact only target the encryption tried on PDF documents by outside software. Rather the attack relies on the encryption patterns instilled by the Portable Document Format (PDF) which means all PDFs are suspect irrespective of the software used to look at them.
-A famous PDF app could have downloaded malware on your Android phone
-How to revise PDF for free
-Businesses still aren’t securing their removable devices with encryption.
In a blog post published by the researchers, it has been revealed that encrypted PDF documents are suspect to two attacks types that are known by the process used to carry out the attack and exfiltrate information
The first, called “direct exfiltration” relies on the fact that PDF software doesn’t encrypt the whole of a PDF file and in fact leaves a few parts as it is. By tampering with these unencrypted fields, an attacker can develop a false trap PDF file that will attempt to send the file’s content back to an attacker when decrypted and opened.
The second PDFex attack variation relies on the details of a PDF file that is encrypted. By using CBC gadgets, an attacker can edit the plaintext data contained in a PDF at its source.
This shows that an attacker can use a CBC gadget to edit the encrypted content to create another false trap to mislead PDF files that submit their own content to remote servers using PDF forms or URLs.
All of the different methods of PDFex require than an attack be able to edit user’s encrypted PDF files. However, to do this they would have to hijack a victim’s network traffic or have physical access to their devices or storage.