Search-and-send: Solitaire works fine, too

Posted by Sebastian Klipper at March 9th, 2010. Share this article on Twitter or Xing.

A few days ago, Didier Stevens demonstrated the danger that comes along with PDF files. In his blog he showed how easy it is to spread malicious PDF files in order to search-and-send confidential information to the Internet. In his new posting he does the same without exploiting anything but the guy in front of the screen.

This time he uses the Excel based game “Frisky Solitaire” (see picture). As you see, it is made for male users and it works without any exploits.

He underlined: “Several people have asked me about de details of the vulnerability I exploited in my PDF Info Stealer PoC. But that’s not important. It’s not about the exploit, it’s about the payload: the info stealer.”

This post is also available in: German

Caterory: Comunity.
Tags: No tags for this article.

Leave a comment

By posting this comment you agree, that your name, Email address and your IP address is stored with your comment. View details in the pricacy statement.

Powered by WP Hashcash