<<< NEWS FROM THE LAB - Friday, March 5, 2010 >>> ARCHIVES | SEARCH The Morphing PDF Posted by Response @ 07:00 GMT Just when we thought SEO using Flash was as interesting as SEO poisoning can get, it seems it's getting even sneakier…



Imagine a PDF file posted by someone evil online. Of course, Google being Google, the file is recognized as a PDF.







And when we open it, it really is a PDF. No evil codes inside, just a good old vanilla PDF file.







Three hours later… Google still says the file is a PDF. Brod (one of our geeky guys here) is attributing this to Google's cache.







But is it really a PDF this time around?







It morphed! And it even has different topics this time. Topics which, when you follow them, will lead you to another PDF:







At least for a few hours before it becomes…







It's a vicious cycle, but a pretty neat trick. Who would suspect a non-malicious PDF file right? At least before it becomes an HTML file. And the end result is a rogue antivirus scam.



Response post by — Christine and Mina









