I can see it now: "New worm infects PDFs, causes users viewing them to mine Bitcoin."
this post was submitted on 16 Jan 2025
83 points (95.6% liked)
Games
42904 readers
610 users here now
Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.
Rules
1. Submissions have to be related to games
Video games, tabletop, or otherwise. Posts not related to games will be deleted.
This community is focused on games, of all kinds. Any news item or discussion should be related to gaming in some way.
2. No bigotry or harassment, be civil
No bigotry, hardline stance. Try not to get too heated when entering into a discussion or debate.
We are here to talk and discuss about one of our passions, not fight or be exposed to hate. Posts or responses that are hateful will be deleted to keep the atmosphere good. If repeatedly violated, not only will the comment be deleted but a ban will be handed out as well. We judge each case individually.
3. No excessive self-promotion
Try to keep it to 10% self-promotion / 90% other stuff in your post history.
This is to prevent people from posting for the sole purpose of promoting their own website or social media account.
4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts
This community is mostly for discussion and news. Remember to search for the thing you're submitting before posting to see if it's already been posted.
We want to keep the quality of posts high. Therefore, memes, funny videos, low-effort posts and reposts are not allowed. We prohibit giveaways because we cannot be sure that the person holding the giveaway will actually do what they promise.
5. Mark Spoilers and NSFW
Make sure to mark your stuff or it may be removed.
No one wants to be spoiled. Therefore, always mark spoilers. Similarly mark NSFW, in case anyone is browsing in a public space or at work.
6. No linking to piracy
Don't share it here, there are other places to find it. Discussion of piracy is fine.
We don't want us moderators or the admins of lemmy.world to get in trouble for linking to piracy. Therefore, any link to piracy will be removed. Discussion of it is of course allowed.
Authorized Regular Threads
Related communities
PM a mod to add your own
Video games
Generic
- !gaming@Lemmy.world: Our sister community, focused on PC and console gaming. Meme are allowed.
- !photomode@feddit.uk: For all your screenshots needs, to share your love for games graphics.
- !vgmusic@lemmy.world: A community to share your love for video games music
Help and suggestions
By platform
By type
- !AutomationGames@lemmy.zip
- !Incremental_Games@incremental.social
- !LifeSimulation@lemmy.world
- !CityBuilders@sh.itjust.works
- !CozyGames@Lemmy.world
- !CRPG@lemmy.world
- !OtomeGames@ani.social
- !Shmups@lemmus.org
- !VisualNovels@ani.social
By games
- !Baldurs_Gate_3@lemmy.world
- !Cities_Skylines@lemmy.world
- !CassetteBeasts@Lemmy.world
- !Fallout@lemmy.world
- !FinalFantasyXIV@lemmy.world
- !Minecraft@Lemmy.world
- !NoMansSky@lemmy.world
- !Palia@Lemmy.world
- !Pokemon@lemm.ee
- !Skyrim@lemmy.world
- !StardewValley@lemm.ee
- !Subnautica2@Lemmy.world
- !WorkersAndResources@lemmy.world
Language specific
- !JeuxVideo@jlai.lu: French
founded 2 years ago
MODERATORS
PDFs have been an attack vector for a while actually.
One more reason never to use the official adobe software. SumatraPDF is awesome. Barebones and blazing fast.
Anti adobe is cool - the recommendation is appreciated... but any software can be the target of a document based exploit and may well be susceptible to the same exploit depending on the libraries used. Additionally, smaller software projects can take longer to update as they have less staff working on them. Absolutely support open software and alternatives... Just a word of caution.
I don't think it has to do with opening a PDF in Adobe, but okay.
Yeah it does. Adobe has a lot of active script support, including java script for example, which can be exploited. If a software can't interpret those scripts at all and simply displays plain text, that means malware won't be executed.
And since Adobe Acrobat / Acrobat Reader are the most common pdf viewers out there, they are a natural target for hackers as well.
Is Acrobat the only pdf reader with active script support? For example, do the common browsers which can also open pdfs not support the same things?
I genuinely don't know, I have set my browser to download pdfs by default and only open them with Sumatra. There might be a scripting layer active in the browser as well though, quite possible.
Then would you agree that it doesn't have to do with Adobe Acrobat, as much at it does active script in PDFs and if the reader executes it?
If you view it on your system it's a vector. Large / complex documents which may parse things with different libraries just happen to have a larger attack surface.
Pretty sure that was already a thing years ago.
This was the thought that entered my head. Kids these days didn't live through rampant vbscripts running off the onLoad event.