From gbhackers.com
Researchers discovered a new malicious PDF sample that has an ability to exploit the Google Chrome zero-day flaw when victims using Chrome as a local PDF viewer.
Attackers spreading this weaponized PDF intended to exploit the Chrome zero-day vulnerability to track the users and collect some user’s information when they open this malicious PDF in chrome browser.
Initially, this sample detected by the EdgeSpot and its act as a legitimate PDF with no malicious activities when it opened popular Adobe Reader .
But the same sample open via Chrome browser locally then it immediate establish the suspicious outbound traffic and also the engine detected as s “POTENTIAL ZERO-DAY ATTACK (Google Chrome), PERSONAL INFORMATION LEAKAGE.