Cybercriminals inject malware into PDF & Flash files using latest Web 2.0 tech / Public Technology, 24 Sep 2008
http://www.publictechnology.net/modules.php?op=modload&name=News&file=article&sid=17370
"Finjan, a supplier of secure web gateway products, has announced that its Malicious Code Research Center (MCRC) discovered examples of obfuscated code embedded not only in HTML-webpages on legitimate websites, but also in rich-content files. “Since JavaScript is the most-used scripting language for communication with web browsers, third-party applications such as Flash player, PDF readers and other multimedia applications have added support for JavaScript as part of their application,” said Yuval Ben-Itzhak, CTO of Finjan. “This offers crimeware authors the opportunity to inject malicious code into rich-content files used by Ads and user-generated content on Web 2.0 websites.” "