A Flaw Of PDF Allows Hackers To Access Password-Protected Files
Saanvi Araav - Oct 12, 2019
A group of researchers has found out a technique allowing hackers to access content from an encrypted or password-protected PDF document
- IoT Businesses In India Have To Suffer The Rise Of Cyberattacks
- Former Yahoo Employee Hacked 6,000 Accounts For Sexual Photos
- A Hacker’s Fake iPhone Charging Cable Can Hijack Your Computer
A group of researchers has found out a technique that allows hackers to access content from an encrypted or password-protected PDF document under some conditions. From the published paper - German researchers from Münster University and Ruhr-University Bochum have disclosed two types of cyber attacks that exploit the vulnerability in 23 popular PDF viewers. The vulnerable list includes the PDF viewers built-in Firefox and Chrome, Evince, Adobe, and others.
PDFex attack uses the security weaknesses within the built-in encryption protection of the PDF file. This attack does not try to crack the encrypted PDF file's password, but rather, it takes advantage of the partial encryption of the PDF specs to exfiltrate the content remotely when the user opens the file.
More troublesome is that the hacker does not need any user interaction to exfiltrate the document. They just needed to tampering the unencrypted data via the PDF form.
The 2nd Type
The 2nd type of attack is quite similar to the first one. However, it only uses the PDF file's encrypted bits. It takes advantage of the encrypting plaintext blocks' CBC mode to change part of ciphertext into another part of the ciphertext.
The CBC mode uses the chaining mechanism to protect data that means the encryption of each block depends on the previous block. So you need to know the “plaintext segment” to manipulate the encrypted object directly.
The researchers have disclosed these findings to all impacted vendors and release to the general public a POC of the PDFex attacks. They suggest that to mitigate this type of attack, we should drop support for the partially encrypted PDF format.