Troj/Pdfex-HM
Posted: November 23, 2012
| Ranking: | 19,286 |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 28 |
| First Seen: | November 25, 2012 |
| Last Seen: | February 7, 2025 |
| OS(es) Affected: | Windows |
Troj/Pdfex-HM is a malicious Adobe PDF that's one component of an e-mail spam-promoted Blackhole Exploit Kit attack. Computers with vulnerable Adobe software that are exposed to Troj/Pdfex-HM, which is presented in a web page for a fake browser update, will be infected with Mal/Zbot-JG – a variant of the Zeus banking trojan. SpywareRemove.com malware experts recommend avoiding suspicious e-mail links, updating your Adobe software and refusing downloads from suspicious sources as good defenses against Troj/Pdfex-HM. However, Troj/Pdfex-HM's payload is a high-level PC threat and, like equally advanced malware, should be removed by suitable anti-malware products. Failure to respond to a Troj/Pdfex-HM attack appropriately may result in your PC's security being compromised and private information – such as e-mail addresses, credit card numbers or bank account passwords – being stolen without any symptoms of the attacks.
Troj/Pdfex-HM: One Head of a Four-Faced Black Hole
Current websites that host Troj/Pdfex-HM exploits present fake update links for various web browsers, with visits to the base site usually being initiated by spam e-mail. Current e-mail samples for Troj/Pdfex-HM-related sites pose as iTunes invoices and are formatted to look like an unusually high bill, with a request to click one of the proffered links if you have any objections.
However, the website in question is actually just a home site for one of the many Blackhole Exploit Kit variants around the web. This version of BEK includes the separate attacks noted here:
- PCs with vulnerable PDF readers will be attacked by a drive-by-download that's initiated through Troj/Pdfex-HM, a malicious PDF file.
- PCs with vulnerable JavaScript software will face a similar attack through Mal/ExpJS.
- A third attack, designed for Flash, uses the SWF file Troj/SWFExp-AI.
Finally, even if all of these attacks fail due to a lack of vulnerable software, you may still infect your own computer if you download from any of the fake 'browser update' links on this website. Either way, the result is that your computer will be infected by Mal/Zbot-JG, a variant of Keylogger Zeus.
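The fake iTunes invoice lure described above can be caught at the mail gateway by comparing the brand a message claims with the domains its links actually point to. The following is an added example, not part of the original article; the allow-list of brand domains, the function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: domains the claimed brand legitimately links to (illustrative).
BRAND_DOMAINS = {"itunes": ("apple.com", "itunes.com")}

class LinkCollector(HTMLParser):
    """Collect href targets of <a> tags."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.links.append(href)

def in_domain(host, domain):
    # Exact or subdomain match, so apple.com.login.example does not pass.
    return host == domain or host.endswith("." + domain)

def suspicious_links(raw_message):
    """Return links pointing outside the domains of the brand the mail claims."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    claimed = f"{msg.get('From', '')} {msg.get('Subject', '')}".lower()
    allowed = [d for b, doms in BRAND_DOMAINS.items() if b in claimed for d in doms]
    body = msg.get_body(preferencelist=("html",))
    if not allowed or body is None:
        return []  # no tracked brand claimed, or no HTML part to inspect
    parser = LinkCollector()
    parser.feed(body.get_content())
    return [h for h in parser.links
            if not any(in_domain((urlparse(h).hostname or "").lower(), d)
                       for d in allowed)]

# Constructed sample message (not a real capture).
SAMPLE = """From: "iTunes Store" <billing@mailer.example>
Subject: Your iTunes invoice
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Total: $699.99</p>
<a href="http://updates.example.net/report">Report a problem</a>
<a href="https://www.apple.com/legal/">Terms</a>
</body></html>
"""

if __name__ == "__main__":
    print(suspicious_links(SAMPLE))
```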
What Troj/Pdfex-HM Delivers Unto Your Hard Drive and All the Suffering That It Brings with It
Troj/Pdfex-HM's payload, Mal/Zbot-JG, has all the many and extremely harmful functions that any criminal could ask for from a banking trojan. Computers that have been successfully attacked by Troj/Pdfex-HM are especially in danger of losing e-mail information, FTP client information and bank account information. However, even these substantial spying attacks aren't the limit of any variant of Zeus, and that includes Troj/Pdfex-HM's Mal/Zbot-JG.
Updating all the software outlined in the Blackhole Exploit Kit's attack will prevent BEK from taking advantage of vulnerabilities like those used with Troj/Pdfex-HM. Any contact with that site or its e-mail links should be considered a prompt to scan your computer with dependable anti-malware products. To prevent your accounts from being compromised, SpywareRemove.com malware experts also suggest that you change any major passwords after you've removed Troj/Pdfex-HM and all related PC threats.