Fake scanned documents lead to Zeus infection

A new spam e-mail campaign is currently underway, and takes the form of a document scanned and sent by a Xerox WorkCentre Pro scanner:

The attachment is a specially crafted PDF document, warns BitDefender, and is able to exploit four Adobe Acrobat Reader vulnerabilities – all of which can be used by an attacker to remotely execute arbitrary code on a vulnerable system.

In this case, the ultimate goal of the people behind this spam campaign is to spread the credentials-stealing Zeus Trojan.

Not a lot of people are aware of the fact that printers are able to send scanned documents via e-mail and hopefully that will make them suspicious.

Unfortunately, a quick search on the Internet will reveal to them that this is possible, and that fact might generate a completely different effect – especially if the e-mail is coming from a compromised e-mail address of someone they know.