• I want to thank all the members that have upgraded your accounts. I truly appreciate your support of the site monetarily. Supporting the site keeps this site up and running as a lot of work daily goes on behind the scenes. Click to Support Signs101 ...

Can PDF's Carry a Virus?

G

garyroy

New Member
If you are a computer pro, your knowledge is needed here. I'm sure others with an opinion will weigh in.
"Can a downloaded PDF bring a virus onto a computer?"

I was always under the impression it could not, but I do not have any science to back that up.
What say you, grand counsel of Sign Professionals? :)
 
James Burke

James Burke

Being a grandpa is more fun than working
I assume they can. I use Trend Micro, and I always get a pop-up window stating the fact that a downloaded .pdf does not contain any threats (viruses, malware, etc...).


JB
 
bob

bob

It's better to have two hands than one glove.
James Burke said:
I assume they can. I use Trend Micro, and I always get a pop-up window stating the fact that a downloaded .pdf does not contain any threats (viruses, malware, etc...).


JB
Click to expand...
Did your software ever encounter a malicious PDF?
 
James Burke

James Burke

Being a grandpa is more fun than working
bob said:
Did your software ever encounter a malicious PDF?
Click to expand...
I don't believe so. However, it won't let me go to some sites due to potential security issues.

I've read of cases where malicious files have had .pdf extensions

JB
 
Last edited:
Texas_Signmaker

Texas_Signmaker

Very Active Signmaker
A virus can be hidden in any file type... That's an elementary way to avoid detection from an antivirus which I'm sure has caught on since I was working with them.
 
N

netsol

Active Member
i think it is more likely that a virus infected file would be RENAMED, misreporting itself as a pdf to slip by the AV software. i have never seen a pdf that was virus infected.
 
WildWestDesigns

WildWestDesigns

Active Member
There was an issue a few years ago where all major browsers on all OSs (all 3 major ones anyway) had with reading infected PDFs within the browser was a vector for the malicious code. Until that was patched, reading PDFs within the browser was off by default for awhile.

In short, PDFs can contain dynamic elements in it and it is thru that, there can be a malicious payload. JS can be embedded in PDFs, in fact, I think even Adobe has warned about that. Even EPub v3 files can have JS in them, which there is concern there, particularly with the raise of EPub usage.

So while, it does take running the PDF to trigger it, it in of itself isn't an executable, due to having dynamic elements in it, yea, it can be used to deliver malware.

Reminds me of the security implications of macros in Excel and that has been a vector for both Windows and Mac users (for the most part). Anytime there is dynamic content in an otherwise static file (or zip file as far as EPub goes) that presents a means for infection. How likely, may be something else, but it's there.
 
Last edited:
Print1

Print1

Tech for your cutter, printer & logistics needs
A pdf is one of the most common virus disguises.. more specifically in how it’s written, XML’s as well
 
Kemik

Kemik

I sell stickers and sticker accessories.
If it's PDF artwork to print from, most likely not a virus. If it is a PDF form, with links and buttons and drop downs etc, I'm sure you could hide some malicious code in there somewhere, but it would probably require you to push a button or choose from a drop down or mouse click somewhere to activate the code, a link could send you to a malicious website, etc.
 
WildWestDesigns

WildWestDesigns

Active Member
Kemik said:
If it's PDF artwork to print from, most likely not a virus. If it is a PDF form, with links and buttons and drop downs etc, I'm sure you could hide some malicious code in there somewhere, but it would probably require you to push a button or choose from a drop down or mouse click somewhere to activate the code, a link could send you to a malicious website, etc.
Click to expand...
You can have JS execute when the document is opened. Rather or not, someone does have that coded in there is something else. Actions will require user input if I remember correctly.

Typically the best thing to do is to actually disable JS totally in Acrobat (or see about doing it in the preferred program you are using to read the document, if available).
 
GAC05

GAC05

Quit buggin' me
Good info, from now on I will make sure to wear one of these while opening sketchy pdfs
1656212201677.png
 
bob

bob

It's better to have two hands than one glove.
Such is the insanity of an operating system capable of executing messages.
 
V

Vassago

New Member
garyroy said:
If you are a computer pro, your knowledge is needed here. I'm sure others with an opinion will weigh in.
"Can a downloaded PDF bring a virus onto a computer?"

I was always under the impression it could not, but I do not have any science to back that up.
What say you, grand counsel of Sign Professionals? :)
Click to expand...
Basically.. Any file that you "execute" instead of read can have a virus.

So Txt files are fine, but pdfs, spreadsheets, word docs, etc can all have various types of virus. Most will ask you to enable macros or download something to read it/convert it - but don't be fooled.. You rarely need a macro to be activated and should always be able to read a pdf without converting it.

If you haven't asked for a file.. Don't open it.

Its a good idea to setup a VM to scan such files if you really need to. That way you can destroy the machine and rebuild it every time.
 
N

netsol

Active Member
I did a bit of reading ACCORDING TO CNET (what a source!) there have been visual basic virus in pdf's for 20 years
newer viruses are java based.

so YES
 
Kemik

Kemik

I sell stickers and sticker accessories.
WildWestDesigns said:
You can have JS execute when the document is opened. Rather or not, someone does have that coded in there is something else. Actions will require user input if I remember correctly.

Typically the best thing to do is to actually disable JS totally in Acrobat (or see about doing it in the preferred program you are using to read the document, if available).
Click to expand...
I believe if you open the PDF in Illustrator it will just ignore all the JS and Form Data?
 
A

AKwrapguy

New Member
So any just about any file can carry a payload. In fact there is software (Metasploit is one example and it free and easy to use) specifically made that allows an attacker to create an exploit and embedd it into a .pdf. Once you open the file it notifies the attacker which will allow them to pivot to other process on your computer and create the ability to permanently gain access to your computer as long as it's plugged in.
This process takes all of 10 minutes and something we did in our offense infosec class. One of the easiest targets we found were HR depts as most people sent in resumes as .pdf's and HR dept usually has limited technical knowledge.

Sales people were also a pretty easy access point.

Another tactic is Steganography, which is a really interesting practice of hiding potential malicious code in a raster image.

Make sure that your Anti-Malware/virus is up-to-date and don't click on and strange e-mails or attachments.

Sleep well....
 
Eforcer

Eforcer

Sign Up!
garyroy said:
If you are a computer pro, your knowledge is needed here. I'm sure others with an opinion will weigh in.
"Can a downloaded PDF bring a virus onto a computer?"

I was always under the impression it could not, but I do not have any science to back that up.
What say you, grand counsel of Sign Professionals? :)
Click to expand...
I've had issues in the past with many files submitted by clients. Must have no clue that their systems have problems. 7 years ago I purchased Eset system. I had no problems since. A good prevention software can help you analyze a file before opening.



Sign Up!
 
bob

bob

It's better to have two hands than one glove.
AKwrapguy said:
...

Another tactic is Steganography, which is a really interesting practice of hiding potential malicious code in a raster image.

...
Click to expand...
Almost anything can be tucked inside of a bitmap. Diddling a bit or two here and there is impossible to detect visually and can contain all manner of code and data. The problem is that the receiving end has to have specific software installed and running in order to first know that something is there and then to extract and do something with it.

A great way to encrypt, send, and receive all manner of utterly secure data if both stations have the key. Almost impossible to do unilaterally, so not the sort of thing that your average merry prankster is able to pull off.
 
G

garyroy

New Member
bob said:
Almost anything can be tucked inside of a bitmap. Diddling a bit or two here and there is impossible to detect visually and can contain all manner of code and data. The problem is that the receiving end has to have specific software installed and running in order to first know that something is there and then to extract and do something with it.

A great way to encrypt, send, and receive all manner of utterly secure data if both stations have the key. Almost impossible to do unilaterally, so not the sort of thing that your average merry prankster is able to pull off.
Click to expand...
Thanks
 
Last edited:
You must log in or register to reply here.
Top