Some more information
That's a mightily impressive six times more infections than the tried and trusted malicious Iframe attack of Mal/Iframe-F.
I'd recommend that surfers check their protection is up-to-date and fighting this one.
Good thing that
Besides, Flaws in Adobe software is old news
is it me or does anyone else see the hand of...
..Kvnt Eurtgruel in this?
Good thing that we both wasted time posting pointless stuff!
Is anyone still using Adboe Reader??? I thought all the smart people had moved over to Foxit.
Not just Foxit, there are a host of alternatives, for Windows and non-Windows alike. KPDF is what comes preinstalled on my OS/distro of choice.
I work for a fairly large hosting provider and we're seeing it here too.
Interestingly, we're also seeing a .htaccess being dropped into the root ftp folder which attempts to perform various redirects, set (compromised) custom error docs and calls some perl scripts.
Ammusingly they don't upload the error docs, scripts and their .htaccess is malformed, which simply took the sites offline instead. If the error docs had been correctly uploaded then they'd have spread via the 500 internal server errordoc though.
The reason I mention it is because it's from the same 'straight-in' access from compromised FTP accounts. I cleared out about 15 infections yesterday - of which all logged in first time with the right details.