TROJ_PIDIEF.EVF

TROJ_PIDIEF.EVF is a Trojan dropper that disguises itself as a harmless PDF document in order to exploit an Adobe Reader vulnerability. This vulnerability lets TROJ_PIDIEF.EVF install a second Trojan onto your computer that's designed to compromise your PC's security in multiple ways. SpywareRemove.com malware analysts have found TROJ_PIDIEF.EVF's latest infection vectors to involve copied reports from Mandiant (an information security company) regarding Chinese cyber espionage. If you've accessed similar documents from a source that may not be trustworthy, you should strongly consider scanning your PC to make sure that TROJ_PIDIEF.EVF or other malware related to TROJ_PIDIEF.EVF doesn't need to be removed from your computer.

TROJ_PIDIEF.EVF: Using Your Interest in Malware News Against You

TROJ_PIDIEF.EVF is one of the multitude of PC threats to use PDF files as its preferred means of conveyance and disguise. The latest links promoting TROJ_PIDIEF.EVF will inform you that TROJ_PIDIEF.EVF is nothing more than Mandiant's APT1 report on Chinese spyware – a report that such reputable institutions as the Forbes website are recommended that you read ASAP. However, the TROJ_PIDIEF.EVF version of this report also includes a PDF vulnerability that's used to attack your computer. SpywareRemove.com malware experts warn that there may be no meaningful symptoms of this attack, which drops a normal PDF document onto your PC as a distraction from its malicious functions.

TROJ_PIDIEF.EVF installs another Trojan, TROJ_AGENT.EVF, onto your PC. While the analysis of TROJ_AGENT.EVF is ongoing, SpywareRemove.com malware experts note that common attacks associated with such PC threats can include:

• Backdoor vulnerabilities that allow criminals to issue direct commands to your PC.
• Theft of your personal information through either generalized (recording all of your keyboard input) or specialized (form-grabbing) spyware functions. Account passwords for e-mail clients, popular social networking sites, financial sites and FTP clients are all especially at risk.
• The installation of specialized PC threats, such as ransomware (Trojans that lock your computer with a warning message until you pay a fee), browser hijackers, worms and rogue security programs.

Avoiding the Bad News of TROJ_PIDIEF.EVF with a Little Common Caution

As a result of TROJ_PIDIEF.EVF's fairly obvious path to your machine, you should be capable of avoidingTROJ_PIDIEF.EVF-inspired infection just by avoiding news PDFs from unusual sources – particularly if they resemble popular news topics like the latest Mandiant reports. However, since TROJ_PIDIEF.EVF-compromised PDFs try to look identical to the real thing, you also should be prepared to be safe and use anti-malware software to scan your computer after any contact with PDFs that may have been harboring TROJ_PIDIEF.EVF. Opening the PDF with a vulnerable Adobe Reader program is all that's necessary for TROJ_PIDIEF.EVF to install TROJ_AGENT.EVF automatically.

Although TROJ_PIDIEF.EVF files are readily-identifiable, other types of Trojans that use similar means of attacking your computer are capable of using different disguises. However, SpywareRemove.com malware research team places some stress on the prolific exploitation of the PDF file format, which has carried a wide range of Trojan attacks, with examples including TROJ_PIDIEF.KFR (which installs a backdoor Trojan), BKDR_POISON.EVE (which is installed under the disguise of a second Mandiant report) and TROJ_PIDIEF.EGQ (which is distributed via e-mail spam themed after Korean news).

Technical Details