The Register reports that hackers exploited a vulnerable PHP script on the movie review site, ‘Ain’t It Cool’, which redirected visitors over a 90-minute period on Thursday morning to a server containing a malicious Adobe Reader file.
The booby-trapped PDF, according an analysis by researchers at Praetorian Prefect, exploited two vulnerabilities in Adobe Reader that the company has already fixed. When the file is opened by unpatched versions of Reader, it launches malicious shell code that hijacks the machine.
http://www.theregister.co.uk/2009/12/18/aintitcool_malware_attack/
