14 DAY TRIAL // The UK Government's Computer Emergency Response Team (GovCertUK) has issued an alert to warn user and companies on the dangers posed by PDF files encoded as XDPs. Experts believe that this tactic may be used by cybercriminals to bypass antivirus software and infect computers.
The organization informs internauts that the XDP data file, which contains a Base64 encoded copy of a regular PDF, is currently utilized to “evade Anti-Virus and Intrusion Detection Systems.”
On the other hand, Graham Cluley of Sophos argues that users shouldn’t be concerned as long as their machines are protected by a reliable antivirus.
“When you open an XDP file on your computer, the embedded PDF file is written to your hard drive before it is rendered,” Cluley explained.
“At the point that the PDF is accessed for rendering, your on-access scanner should scan the PDF as normal, successfully detecting it if it's a piece of malware that the anti-virus knows about.”